CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
SentinelOne
From React to Remote Code – Protecting Against the Critical React2Shell RCE Exposure
A critical remote code execution (RCE) vulnerability, dubbed ‘React2Shell’, affecting React Server Components (RSC) and Next.js, is allowing unauthenticated attackers to perform server-side code attac ...
-
SentinelOne
From React to Remote Code – Protecting Against the Critical React2Shell RCE Exposure
A critical remote code execution (RCE) vulnerability, dubbed ‘React2Shell’, affecting React Server Components (RSC) and Next.js, is allowing unauthenticated attackers to perform server-side code attac ...
-
The Register
Cloudflare blames Friday outage on borked fix for React2shell vuln
Amid new reports of attackers pummeling a maximum security hole (CVE-2025-55182) in the React JavaScript library, Cloudflare's technology chief said his company took down its own network, forcing a wi ...
-
BleepingComputer
Barts Health NHS discloses data breach after Oracle zero-day hack
Barts Health NHS Trust, a major healthcare provider in England, announced that Clop ransomware actors have stolen files from one of its databases after exploiting a vulnerability in its Oracle E-busin ...
-
cybereason.com
CVE-2025-55182: Critical Vulnerability, React2Shell, Allows for Unauthenticated RCE
Cybereason is continuing to investigate. Check the Cybereason blog for additional updates. KEY TAKEAWAYS Critical vulnerability discovered on December 3, 2025 in React that could allow for unauthentic ...
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 49
The Good | Authorities Jail WiFi Hacker, Seize €1.3B Crypto Mixer & Charge Two Malicious Insiders An Australian national has received just over seven years in prison for running “evil twin” WiFi netwo ...
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 49
The Good | Authorities Jail WiFi Hacker, Seize €1.3B Crypto Mixer & Charge Two Malicious Insiders An Australian national has received just over seven years in prison for running “evil twin” WiFi netwo ...
-
The Hacker News
Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch
Dec 05, 2025Ravie LakshmananApplication Security / Vulnerability A critical security flaw has been disclosed in Apache Tika that could result in an XML external entity (XXE) injection attack. The vu ...
-
CybersecurityNews
Cloudflare Outage Traced to Emergency React2Shell Patch Deployment
Cloudflare’s global network suffered a brief but widespread disruption this morning, lasting approximately 25 minutes, due to an internal change in its Web Application Firewall (WAF) designed to count ...
-
CybersecurityNews
Critical Apache Tika Core Vulnerability Exploited by Uploading Malicious PDF
A critical security vulnerability in Apache Tika has been discovered that allows attackers to compromise systems by uploading specially crafted PDF files. Organizations worldwide are urged to patch im ...