CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 49
The Good | Authorities Jail WiFi Hacker, Seize €1.3B Crypto Mixer & Charge Two Malicious Insiders An Australian national has received just over seven years in prison for running “evil twin” WiFi netwo ...
-
The Hacker News
Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch
Dec 05, 2025Ravie LakshmananApplication Security / Vulnerability A critical security flaw has been disclosed in Apache Tika that could result in an XML external entity (XXE) injection attack. The vu ...
-
CybersecurityNews
Cloudflare Outage Traced to Emergency React2Shell Patch Deployment
Cloudflare’s global network suffered a brief but widespread disruption this morning, lasting approximately 25 minutes, due to an internal change in its Web Application Firewall (WAF) designed to count ...
-
CybersecurityNews
Critical Apache Tika Core Vulnerability Exploited by Uploading Malicious PDF
A critical security vulnerability in Apache Tika has been discovered that allows attackers to compromise systems by uploading specially crafted PDF files. Organizations worldwide are urged to patch im ...
-
The Register
Beijing-linked hackers are hammering max-severity React bug, AWS warns
Amazon has warned that China-nexus hacking crews began hammering the critical React "React2Shell" vulnerability within hours of disclosure, turning a theoretical CVSS-10 hole into a live-fire incident ...
-
The Hacker News
Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability
Dec 05, 2025Ravie LakshmananVulnerability / Software Security Two hacking groups with ties to China have been observed weaponizing the newly disclosed security flaw in React Server Components (RSC) ...
-
BleepingComputer
Cloudflare blames today's outage on emergency React2Shell patch
Earlier today, Cloudflare experienced a widespread outage that caused websites and online platforms worldwide to go down, returning a "500 Internal Server Error" message. In a status page update, the ...
-
The Hacker News
Intellexa Leaks Reveal Zero-Days and Ads-Based Vector for Predator Spyware Delivery
A human rights lawyer from Pakistan's Balochistan province received a suspicious link on WhatsApp from an unknown number, marking the first time a civil society member in the country was targeted by I ...
-
The Cyber Express
Active Exploitation of Command Injection Flaw Confirmed in Array AG Gateways
The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has confirmed that a command injection vulnerability affecting Array Networks AG Series secure access gateways has been activ ...
-
BleepingComputer
React2Shell critical flaw actively exploited in China-linked attacks
Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and Next.js just hours after the max-severity issue was disclosed. React2Shell is an ...