CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Cyber Express
Barts Health Confirms Cl0p Ransomware Behind Data Breach Linked to Oracle Vulnerability
Barts Health NHS Trust has confirmed that the data breach at Barts Health was carried out by the Russian-speaking Cl0p ransomware group, which exploited a vulnerability in Oracle E-Business Suite. The ...
-
The Hacker News
Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks
A critical security flaw in the Sneeit Framework plugin for WordPress is being actively exploited in the wild, per data from Wordfence. The remote code execution vulnerability in question is CVE-2025- ...
-
security.nl
'Tienduizenden ip-adressen kwetsbaar door React2Shell-lek'
Tienduizenden ip-adressen wereldwijd zijn kwetsbaar voor een kritiek beveiligingslek in React Server Components, ook wel bekend als CVE-2025-55182 en React2Shell, zo meldt The Shadowserver Foundation ...
-
Help Net Security
December 2025 Patch Tuesday forecast: And it’s a wrap
It’s hard to believe that we’re in December of 2025 already and the end of the year is fast approaching. Looking back on the year, there are two major items that really stand out in my mind. First, th ...
-
CybersecurityNews
Next.js Released a Scanner to Detect and Update Apps Impacted by React2Shell Vulnerability
A dedicated command-line tool, fix-react2shell-next, to help developers immediately detect and patch the critical “React2Shell” vulnerability (CVE-2025-66478). This new scanner offers a one-line solut ...
-
CybersecurityNews
Critical Vulnerabilities in GitHub Copilot, Gemini CLI, Claude, and Other Tools Impact Millions of Users
The software development landscape has been fundamentally altered by AI-driven integrated development environments (IDEs). Tools like GitHub Copilot, Gemini CLI, and Claude Code have evolved from simp ...
-
CybersecurityNews
Predator Spyware Compamy Used 15 Zero-Days Since 2021 to Target iOS Users
A commercial spyware company called Intellexa has exploited 15 zero-day vulnerabilities since 2021 to target iOS and Android users worldwide. The company, known for developing the Predator spyware, co ...
-
CybersecurityNews
Critical React2Shell RCE Vulnerability Exploited in the Wild to Execute Malicious Code
A critical remote code execution vulnerability, tracked as CVE-2025-55182 and dubbed “React2Shell,” is now under active exploitation in the wild. GreyNoise researchers have detected opportunistic, lar ...
-
Huntress
Hardening the Hypervisor: Practical Defenses Against Ransomware Targeting ESXi
Hypervisors are the backbone of modern virtualized environments, but when compromised, they can become a force multiplier for attackers. A single breach at this layer can put dozens or even hundreds o ...
-
Daily CyberSecurity
High-Severity Duc Disk Tool Flaw (CVE-2025-13654) Risks DoS and Information Leak via Integer Underflow
A stack-based buffer overflow vulnerability has been discovered in Duc, a popular open-source tool used for indexing and visualizing disk usage on Linux systems. The flaw, tracked as CVE-2025-13654, w ...