CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
New Mirai Botnet Variant ‘Broadside’ Actively Attacking Users in the Wild
A sophisticated new variant of the Mirai botnet, named “Broadside,” has emerged as an active threat targeting maritime shipping companies and vessel operators. The malware exploits a critical vulnerab ...
-
Daily CyberSecurity
Critical Emby Server Flaw (CVE-2025-64113) Allows Unauthenticated Admin Takeover
The development team behind Emby Server, the popular personal media streaming solution, has issued an urgent security alert following the discovery of a critical vulnerability that allows unauthorized ...
-
CybersecurityNews
Operation FrostBeacon Attacking Finance and Legal Departments with Cobalt Strike Malware
A sophisticated malware campaign has emerged targeting financial and legal sectors in the Russian Federation, delivering the notorious Cobalt Strike remote access tool to organizations handling sensit ...
-
CybersecurityNews
CISA Warns of D-Link Routers Buffer Overflow Vulnerability Exploited in Attacks
A critical buffer overflow vulnerability affecting D-Link routers has been added to the CISA catalog of Known Exploited Vulnerabilities, indicating active exploitation in the wild. The flaw, tracked a ...
-
CybersecurityNews
SAP Security Patch Day: Fix for Critical Vulnerabilities in SAP Solution Manager, NetWeaver, and Other Products
SAP released 14 new security notes on its monthly Security Patch Day on December 9, 2025, addressing vulnerabilities across key products, including SAP Solution Manager, NetWeaver, Commerce Cloud, and ...
-
Daily CyberSecurity
Final Patch of 2025: Critical SAP Solution Manager Flaw (CVE-2025-42880, CVSS 9.9) Risks Full System Compromise
Today, SAP has released its final security update of the year, dropping 14 new security notes. The patch bundle is headlined by a critical “Code Injection” vulnerability in SAP Solution Manager that c ...
-
CybersecurityNews
500+ Apache Tika Toolkit Instances Vulnerable to Critical XXE Attack Exposed Online
Over 565 internet-exposed Apache Tika Server instances are vulnerable to a critical XML External Entity (XXE) injection flaw. That could enable attackers to steal sensitive data, launch denial-of-serv ...
-
The Cyber Express
Apache Tika Vulnerability Widens Across Multiple Modules, Severity Now 10.0
A security issue disclosed in the Apache Tika document-processing framework has proved broader and more serious than first believed. The project’s maintainers have issued a new advisory revealing that ...
-
CybersecurityNews
Burp Suite’s Scanning Arsenal Powered With Detection for Critical React2Shell Vulnerabilities
PortSwigger has enhanced Burp Suite’s scanning arsenal with the latest update to its ActiveScan++ extension, introducing detection for the critical React2Shell vulnerabilities (CVE-2025-55182 and CVE- ...
-
The Cyber Express
NCSC Warns Prompt Injection Could Become the Next Major AI Security Crisis
The UK’s National Cyber Security Centre (NCSC) has issued a fresh warning about the growing threat of prompt injection, a vulnerability that has quickly become one of the biggest security concerns in ...