CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Next.js Released a Scanner to Detect and Update Apps Impacted by React2Shell Vulnerability
A dedicated command-line tool, fix-react2shell-next, to help developers immediately detect and patch the critical “React2Shell” vulnerability (CVE-2025-66478). This new scanner offers a one-line solut ...
-
CybersecurityNews
Critical Vulnerabilities in GitHub Copilot, Gemini CLI, Claude, and Other Tools Impact Millions of Users
The software development landscape has been fundamentally altered by AI-driven integrated development environments (IDEs). Tools like GitHub Copilot, Gemini CLI, and Claude Code have evolved from simp ...
-
CybersecurityNews
Predator Spyware Compamy Used 15 Zero-Days Since 2021 to Target iOS Users
A commercial spyware company called Intellexa has exploited 15 zero-day vulnerabilities since 2021 to target iOS and Android users worldwide. The company, known for developing the Predator spyware, co ...
-
CybersecurityNews
Critical React2Shell RCE Vulnerability Exploited in the Wild to Execute Malicious Code
A critical remote code execution vulnerability, tracked as CVE-2025-55182 and dubbed “React2Shell,” is now under active exploitation in the wild. GreyNoise researchers have detected opportunistic, lar ...
-
Huntress
Hardening the Hypervisor: Practical Defenses Against Ransomware Targeting ESXi
Hypervisors are the backbone of modern virtualized environments, but when compromised, they can become a force multiplier for attackers. A single breach at this layer can put dozens or even hundreds o ...
-
Daily CyberSecurity
High-Severity Duc Disk Tool Flaw (CVE-2025-13654) Risks DoS and Information Leak via Integer Underflow
A stack-based buffer overflow vulnerability has been discovered in Duc, a popular open-source tool used for indexing and visualizing disk usage on Linux systems. The flaw, tracked as CVE-2025-13654, w ...
-
Daily CyberSecurity
High-Severity lz4-java Flaw (CVE-2025-66566) Leaks Uninitialized Memory During Decompression
A high-severity vulnerability has been unearthed in lz4-java, a widely used Java library for the LZ4 compression algorithm. Tracked as CVE-2025-66566, the flaw carries a CVSS score of 8.2, signaling a ...
-
Daily CyberSecurity
Critical Cal.com Flaw (CVE-2025-66489, CVSS 9.9) Allows Authentication Bypass by Submitting Fake TOTP Codes
A severe security vulnerability has been uncovered in Cal.com, the popular open-source scheduling platform positioned as the successor to Calendly. The flaw, which carries a near-maximum severity rati ...
-
Daily CyberSecurity
High-Severity WatchGuard Flaws Risk VPN DoS and RCE via IKEv2 Memory Corruption
WatchGuard Technologies has released a critical series of security advisories addressing five high-severity vulnerabilities across its Firebox product line. The flaws, which affect the Fireware OS, co ...
-
Daily CyberSecurity
Spyware Vendor Intellexa Used 15 Zero-Days Since 2021, Deploying Predator via “smack” iOS Exploit Chain
The mercenary spyware industry remains a persistent and adaptable threat, with the notorious vendor Intellexa continuing to expand its arsenal despite facing significant geopolitical headwinds. A new ...