CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerabilities in WODESYS WD-R608U router
Vulnerabilities in WODESYS WD-R608U router CVE ID CVE-2025-65007 Publication date 18 December 2025 Vendor WODESYS Product WD-R608U Vulnerable versions WDR28081123OV1.01 Vulnerability type (CWE) Missin ...
-
security.nl
Microsoft maakt updates voor kritieke Office-lekken ook beschikbaar voor Mac
Microsoft heeft beveiligingsupdates voor twee kritieke kwetsbaarheden in Office die remote code execution mogelijk maken ook beschikbaar gesteld voor de Mac-versie van de kantoorsoftware. Op 9 januari ...
-
The Register
React2Shell exploitation spreads as Microsoft counts hundreds of hacked machines
Microsoft says attackers have already compromised "several hundred machines across a diverse set of organizations" via the React2Shell flaw, using the access to execute code, deploy malware, and, in s ...
-
BleepingComputer
HPE warns of maximum severity RCE flaw in OneView software
Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables attackers to execute arbitrary code remotely. OneView is HPE's infrastructure man ...
-
security.nl
CISA verplicht Amerikaanse overheid om kritiek Cisco-lek binnen week te mitigeren
Het Amerikaanse cyberagentschap CISA heeft overheidsinstanties verplicht om een aangevallen kritieke kwetsbaarheid in de Cisco Secure Email Gateway en Cisco Secure Email & Web Manager binnen een week ...
-
Help Net Security
More than half of public vulnerabilities bypass leading WAFs
Miggo Security has released a new report that examines how web application firewalls are used across real-world security programs. The research outlines the role WAFs play as foundational infrastructu ...
-
cert.pl
Vulnerability in Govee devices with cloud connectivity firmware
Vulnerability in Govee devices with cloud connectivity firmware CVE ID CVE-2025-10910 Publication date 18 December 2025 Vendor Govee Product H6056 Vulnerable versions 1.08.13 Vulnerability type (CWE) ...
-
CybersecurityNews
Critical Apache Commons Text Vulnerability Enables Remote Code Execution Attacks
A newly disclosed security flaw in Apache Commons Text, tracked as CVE-2025-46295, has been identified as a remote code execution (RCE) vulnerability. That could allow attackers to compromise systems ...
-
security.nl
SonicWall dicht actief aangevallen kwetsbaarheid in SMA1000-gateways
SonicWall heeft updates uitgebracht voor een kwetsbaarheid in de SMA1000-gateways die actief bij aanvallen is misbruikt voordat een patch beschikbaar was. Het beveiligingslek (CVE-2025-40602) is gecom ...
-
CybersecurityNews
Critical Vulnerability in Popular Node.js Library Exposes Windows Systems to RCE Attacks
A serious security flaw has been discovered in systeminformation, a popular Node.js library used by thousands of developers. The vulnerability, labelled CVE-2025-68154, allows attackers to run malicio ...