CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-59789: Critical Flaw in Apache bRPC Framework Exposes High-Performance Systems to Crash Risks
A critical vulnerability has been unearthed in Apache bRPC, an industrial-grade RPC framework widely used to power high-performance systems in search, storage, and machine learning. The flaw, tracked ...
-
CybersecurityNews
PoC Exploit Released for Critical Outlook 0-Click Remote Code Execution Vulnerability
A Proof-of-Concept (PoC) exploit code has been released for a critical remote code execution (RCE) vulnerability in Microsoft Outlook, identified as CVE-2024-21413. Dubbed “MonikerLink,” this flaw all ...
-
Daily CyberSecurity
Critical Devolutions Server Flaw (CVE-2025-13757) Allows Authenticated SQL Injection to Steal All Passwords
Devolutions has released urgent security updates for its flagship self-hosted password management solution, Devolutions Server, addressing three distinct vulnerabilities that could expose sensitive cr ...
-
Daily CyberSecurity
High-Severity GeoServer Flaw (CVE-2025-58360) Allows Unauthenticated XXE for File Theft and SSRF
The maintainers of GeoServer have issued an important security advisory regarding a high-severity vulnerability that could allow unauthenticated attackers to exfiltrate sensitive files or crash server ...
-
The Hacker News
CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV
Nov 30, 2025Ravie LakshmananHacktivism / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a sec ...
-
CybersecurityNews
CISA Warns of OpenPLC ScadaBR cross-site scripting vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has officially updated its Known Exploited Vulnerabilities (KEV) catalog to include a critical flaw in OpenPLC ScadaBR, confirming that thre ...
-
Daily CyberSecurity
Critical Alert: Apache Kvrocks ‘RESET’ Command Flaw Grants Admin Privileges
The Apache Software Foundation has issued a critical security advisory for Apache Kvrocks, a distributed key-value NoSQL database compatible with the Redis protocol. Two significant vulnerabilities ha ...
-
Daily CyberSecurity
CISA Flags Actively Exploited OpenPLC Flaw (CVE-2021-26829)
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new mandate for federal agencies to secure their industrial control systems following evidence of active exploitation in the wi ...
-
The Hacker News
Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain comprom ...
-
CybersecurityNews
Hackers Registered 18,000 Holiday-Themed Domains Targeting ‘Christmas,’ ‘Black Friday,’ and ‘Flash Sale’
The 2025 holiday season has unleashed an unprecedented wave of cyber threats, with attackers deploying industrialized infrastructure to exploit the global surge in online commerce. This year’s threat ...