CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
Android Framework Zero-Days Hit CISA KEV
December 3, 2025CISA added two high-severity Android Framework vulnerabilities—CVE-2025-48572 and CVE-2025-48633—to its Known Exploited Vulnerabilities (KEV) catalog on December 1, 2025, confirming li ...
-
Daily CyberSecurity
Chrome 143 Stable Fixes 13 Flaws: High-Severity V8 Type Confusion Earns $11,000 Bounty
Google has officially promoted Chrome 143 to the stable channel for Windows, macOS, and Linux, rolling out a critical security update that addresses 13 vulnerabilities. The release, versioned as 143.0 ...
-
Daily CyberSecurity
Django Flaw (CVE-2025-13372) Allows SQL Injection in PostgreSQL FilteredRelation
The maintainers of Django, the high-level Python web framework that powers some of the internet’s largest sites, have released an important security update addressing two distinct vulnerabilities. The ...
-
Daily CyberSecurity
CISA Warns: Critical Iskra iHUB Flaw (CVE-2025-13510) Allows Unauthenticated Smart Metering Takeover
A critical security vacuum has been discovered in smart metering infrastructure, potentially leaving utility networks exposed to remote takeover. The Cybersecurity and Infrastructure Security Agency ( ...
-
Daily CyberSecurity
Critical Elementor Plugin Flaw (CVE-2025-8489, CVSS 9.8) Under Active Exploitation Allows Unauthenticated Admin Takeover
A critical security flaw in a popular WordPress plugin has triggered a massive wave of exploitation attempts, with threat actors actively trying to seize control of vulnerable websites by registering ...
-
Daily CyberSecurity
High-Severity Angular Flaw (CVE-2025-66412) Allows Stored XSS via SVG and MathML Bypass
The maintainers of Angular, the popular platform for building mobile and desktop web applications, have released an important security advisory regarding a high-severity vulnerability in the Angular T ...
-
The Cloudflare Blog
Cloudflare WAF proactively protects against React vulnerability
2025-12-031 min readCloudflare has deployed a new protection to address a vulnerability in React Server Components (RSC). All Cloudflare customers are automatically protected, including those on free ...
-
The Cyber Express
CISA Warns that Two Android Vulnerabilities Are Under Attack
CISA warned today that two Android zero-day vulnerabilities are under active attack, within hours of Google releasing patches for the flaws. Both are high-severity Android framework vulnerabilities. C ...
-
The Register
Two Android 0-day bugs disclosed and fixed, plus 105 more to patch
Two high-severity Android bugs were exploited as zero-days before Google issued a fix, according to its December Android security bulletin. The two vulnerabilities are CVE-2025-48633, an information-d ...
-
The Register
University of Pennsylvania joins list of victims from Clop's Oracle EBS raid
The University of Pennsylvania has become the latest victim of Clop's smash-and-grab spree against Oracle's E-Business Suite (EBS) customers, with the Ivy League school now warning more than a thousan ...