CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
Cisco email security appliances rooted and backdoored via still unpatched zero-day
A suspected Chinese-nexus threat group has been compromising Cisco email security devices and planting backdoors and log-purging tools on them since at least late November 2025, Cisco Talos researcher ...
-
BleepingComputer
Cisco warns of unpatched AsyncOS zero-day exploited in attacks
Cisco warned customers today of an unpatched, maximum-severity Cisco AsyncOS zero-day actively exploited in attacks targeting Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) applia ...
-
CybersecurityNews
Operation ForumTrol Known for Exploiting Chrome 0-Day Attacking Users With New Phishing Campaign
Operation ForumTrol, an advanced persistent threat group, has launched a new targeted phishing campaign against Russian political scientists and researchers. This sophisticated operation continues the ...
-
The Hacker News
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances
Dec 17, 2025Ravie LakshmananVulnerability / Network Security SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been activ ...
-
BleepingComputer
Sonicwall warns of new SMA1000 zero-day exploited in attacks
SonicWall warned customers today to patch a vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC) that was chained in zero-day attacks to escalate privileges. According to SonicWal ...
-
Help Net Security
Actively exploited SonicWall zero-day patched (CVE-2025-40602)
SonicWall has patched a local privilege escalation vulnerability (CVE-2025-40602) affecting its Secure Mobile Access (SMA) 1000 appliances and is urging customers to apply the provided hotfix, as the ...
-
security.nl
Cisco waarschuwt voor misbruik van kritiek lek in Secure Email Gateway
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid voor het aanvallen van Cisco Secure Email Gateway en Cisco Secure Email & Web Manager en een beveiligingsupdate is niet beschikbaar, zo ...
-
BleepingComputer
Critical React2Shell flaw exploited in ransomware attacks
A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate networks and deployed the file-encrypting malware less than a minute later. Reac ...
-
CybersecurityNews
Microsoft Desktop Windows Manager Out-Of-Bounds Vulnerability Let Attackers Escalate Privileges
Microsoft has confirmed a critical out-of-bounds vulnerability in the Desktop Window Manager (DWM) that allows local attackers to escalate privileges to SYSTEM on affected Windows systems. The vulnera ...
-
Red Canary
Red Canary’s best of 2025
A look back at the year’s most popular research, guides, videos, and more. December 17, 20252025 brought some big changes to Red Canary; you might have noticed some more blue in our branding. But even ...