CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories
This week's ThreatsDay Bulletin tracks how attackers keep reshaping old tools and finding new angles in familiar systems. Small changes in tactics are stacking up fast, and each one hints at where the ...
-
cert.pl
Vulnerabilities in WODESYS WD-R608U router
Vulnerabilities in WODESYS WD-R608U router CVE ID CVE-2025-65007 Publication date 18 December 2025 Vendor WODESYS Product WD-R608U Vulnerable versions WDR28081123OV1.01 Vulnerability type (CWE) Missin ...
-
security.nl
Microsoft maakt updates voor kritieke Office-lekken ook beschikbaar voor Mac
Microsoft heeft beveiligingsupdates voor twee kritieke kwetsbaarheden in Office die remote code execution mogelijk maken ook beschikbaar gesteld voor de Mac-versie van de kantoorsoftware. Op 9 januari ...
-
The Register
React2Shell exploitation spreads as Microsoft counts hundreds of hacked machines
Microsoft says attackers have already compromised "several hundred machines across a diverse set of organizations" via the React2Shell flaw, using the access to execute code, deploy malware, and, in s ...
-
BleepingComputer
HPE warns of maximum severity RCE flaw in OneView software
Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables attackers to execute arbitrary code remotely. OneView is HPE's infrastructure man ...
-
security.nl
CISA verplicht Amerikaanse overheid om kritiek Cisco-lek binnen week te mitigeren
Het Amerikaanse cyberagentschap CISA heeft overheidsinstanties verplicht om een aangevallen kritieke kwetsbaarheid in de Cisco Secure Email Gateway en Cisco Secure Email & Web Manager binnen een week ...
-
Help Net Security
More than half of public vulnerabilities bypass leading WAFs
Miggo Security has released a new report that examines how web application firewalls are used across real-world security programs. The research outlines the role WAFs play as foundational infrastructu ...
-
cert.pl
Vulnerability in Govee devices with cloud connectivity firmware
Vulnerability in Govee devices with cloud connectivity firmware CVE ID CVE-2025-10910 Publication date 18 December 2025 Vendor Govee Product H6056 Vulnerable versions 1.08.13 Vulnerability type (CWE) ...
-
CybersecurityNews
Critical Apache Commons Text Vulnerability Enables Remote Code Execution Attacks
A newly disclosed security flaw in Apache Commons Text, tracked as CVE-2025-46295, has been identified as a remote code execution (RCE) vulnerability. That could allow attackers to compromise systems ...
-
security.nl
SonicWall dicht actief aangevallen kwetsbaarheid in SMA1000-gateways
SonicWall heeft updates uitgebracht voor een kwetsbaarheid in de SMA1000-gateways die actief bij aanvallen is misbruikt voordat een patch beschikbaar was. Het beveiligingslek (CVE-2025-40602) is gecom ...