CVEFeed Newsroom – Latest Cybersecurity Updates

The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.

  • TheCyberThrone
Android Framework Zero-Days Hit CISA KEV

December 3, 2025CISA added two high-severity Android Framework vulnerabilities—CVE-2025-48572 and CVE-2025-48633—to its Known Exploited Vulnerabilities (KEV) catalog on December 1, 2025, confirming li ...

Published Date: Dec 03, 2025 (2 weeks, 2 days ago)
  • Daily CyberSecurity
Chrome 143 Stable Fixes 13 Flaws: High-Severity V8 Type Confusion Earns $11,000 Bounty

Google has officially promoted Chrome 143 to the stable channel for Windows, macOS, and Linux, rolling out a critical security update that addresses 13 vulnerabilities. The release, versioned as 143.0 ...

Published Date: Dec 03, 2025 (2 weeks, 2 days ago)
  • Daily CyberSecurity
Django Flaw (CVE-2025-13372) Allows SQL Injection in PostgreSQL FilteredRelation

The maintainers of Django, the high-level Python web framework that powers some of the internet’s largest sites, have released an important security update addressing two distinct vulnerabilities. The ...

Published Date: Dec 03, 2025 (2 weeks, 2 days ago)
  • Daily CyberSecurity
CISA Warns: Critical Iskra iHUB Flaw (CVE-2025-13510) Allows Unauthenticated Smart Metering Takeover

A critical security vacuum has been discovered in smart metering infrastructure, potentially leaving utility networks exposed to remote takeover. The Cybersecurity and Infrastructure Security Agency ( ...

Published Date: Dec 03, 2025 (2 weeks, 2 days ago)
  • Daily CyberSecurity
Critical Elementor Plugin Flaw (CVE-2025-8489, CVSS 9.8) Under Active Exploitation Allows Unauthenticated Admin Takeover

A critical security flaw in a popular WordPress plugin has triggered a massive wave of exploitation attempts, with threat actors actively trying to seize control of vulnerable websites by registering ...

Published Date: Dec 03, 2025 (2 weeks, 2 days ago)
  • Daily CyberSecurity
High-Severity Angular Flaw (CVE-2025-66412) Allows Stored XSS via SVG and MathML Bypass

The maintainers of Angular, the popular platform for building mobile and desktop web applications, have released an important security advisory regarding a high-severity vulnerability in the Angular T ...

Published Date: Dec 03, 2025 (2 weeks, 2 days ago)
  • The Cloudflare Blog
Cloudflare WAF proactively protects against React vulnerability

2025-12-031 min readCloudflare has deployed a new protection to address a vulnerability in React Server Components (RSC). All Cloudflare customers are automatically protected, including those on free ...

Published Date: Dec 03, 2025 (2 weeks, 2 days ago)
  • The Cyber Express
CISA Warns that Two Android Vulnerabilities Are Under Attack

CISA warned today that two Android zero-day vulnerabilities are under active attack, within hours of Google releasing patches for the flaws. Both are high-severity Android framework vulnerabilities. C ...

Published Date: Dec 02, 2025 (2 weeks, 2 days ago)
  • The Register
Two Android 0-day bugs disclosed and fixed, plus 105 more to patch

Two high-severity Android bugs were exploited as zero-days before Google issued a fix, according to its December Android security bulletin. The two vulnerabilities are CVE-2025-48633, an information-d ...

Published Date: Dec 02, 2025 (2 weeks, 2 days ago)
  • The Register
University of Pennsylvania joins list of victims from Clop's Oracle EBS raid

The University of Pennsylvania has become the latest victim of Clop's smash-and-grab spree against Oracle's E-Business Suite (EBS) customers, with the Ivy League school now warning more than a thousan ...

Published Date: Dec 02, 2025 (2 weeks, 2 days ago)

Filters

Filter news that are affecting your technology stack
Showing 10 of 8761 Results