CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
WebRAT malware spread via fake vulnerability exploits on GitHub
The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities. Previously spread through pirated software ...
-
Help Net Security
Budding infosec pros and aspiring cyber crooks targeted with fake PoC exploits
Malware peddlers are targeting infosec enthusiasts, budding security professionals, and aspiring hackers with the Webrat malware, masquerading the threat as proof-of-concept (PoC) exploits for known v ...
-
CybersecurityNews
Critical n8n Automation Platform Vulnerability Enables RCE Attacks – 103,000+ Instances Exposed
A critical remote code execution vulnerability has been discovered in n8n, the open-source workflow automation platform, exposing over 103,000 potentially vulnerable instances worldwide. Tracked as CV ...
-
CybersecurityNews
Windows Imaging Component Vulnerability Can Lead to RCE Attacks Under Complex Attack Scenarios
A comprehensive analysis of CVE-2025-50165, a critical Windows vulnerability affecting the Windows Imaging Component (WIC). That could potentially enable remote code execution through specially crafte ...
-
CybersecurityNews
PoC Exploit Released HPE OneView Vulnerability that Enables Remote Code Execution
Security researchers have released a Proof-of-Concept (PoC) exploit for a critical vulnerability in HPE OneView, a popular IT infrastructure management platform. The flaw, tracked as CVE-2025-37164, c ...
-
TheCyberThrone
Top 25 Most Exploited Vulnerabilities 2025
2025 was the year vulnerabilities stopped being warnings and became entry points.Attackers no longer waited for missteps. They scanned continuously, weaponized within hours, and exploited with industr ...
-
Huntress
Tradecraft Tuesday Recap: React2Shell, ClickFix, and the Rise of AI Scams
Every security professional knows the drill. You go home for the holidays and, without volunteering, you become the family’s help desk, incident responder, and fraud advisor. Somewhere between dinner ...
-
CybersecurityNews
CISA Adds Digiever Authorization Vulnerability to KEV List Following Active Exploitation
A critical vulnerability affecting Digiever DS-2105 Pro network video recorders was added to the Known Exploited Vulnerabilities (KEV) catalog on December 22, 2025, following evidence of active exploi ...
-
The Hacker News
Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances
Dec 23, 2025Ravie LakshmananVulnerability / Workflow Automation A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could re ...
-
Daily CyberSecurity
Anna’s Archive Claims 300TB Spotify Mirror, Forcing an Investigation Into a Massive Music Data Leak
The shadow library Anna’s Archive has claimed that it has carried out a large-scale “mirror” of Spotify’s music catalog and intends to distribute it via torrents totaling roughly 300 terabytes. Spotif ...