CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Hackers exploit newly patched Fortinet auth bypass flaws
Hackers are exploiting critical-severity vulnerabilities affecting multiple Fortinet products to get unauthorized access to admin accounts and steal system configuration files. The two vulnerabilities ...
-
CybersecurityNews
CISA Warns of Apple WebKit Vulnerability 0-Day Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding a critical zero-day vulnerability in Apple WebKit that is currently being actively exploited in attacks. CISA has added CVE-2025-43529 to its catalog of vul ...
-
BleepingComputer
The Hidden Risk in Virtualization: Why Hypervisors are a Ransomware Magnet
Author: Dray Agha, Senior Manager, Hunt & Response, at Huntress Labs Hypervisors are the backbone of modern virtualized environments, but when compromised, they can become a force multiplier for attac ...
-
CybersecurityNews
Fortinet FortiWeb Vulnerability (CVE-2025-64446) Exploited in the Wild for Full Admin Takeover
Threat actors have been actively exploiting a critical path-traversal vulnerability in Fortinet’s FortiWeb web application firewall since early October 2025, allowing unauthenticated attackers to crea ...
-
TheCyberThrone
CISA Adds Gladinet Crypto Flaw and Apple WebKit Zero-Days to KEV Catalog
December 16, 2025CISA has expanded its Known Exploited Vulnerabilities (KEV) catalog with critical flaws in Gladinet CentreStack/Triofox and Apple WebKit components, confirming active real-world explo ...
-
CybersecurityNews
Windows Admin Center Vulnerability (CVE-2025-64669) Let Attackers Escalate Privileges
A new local privilege escalation vulnerability in Microsoft’s Windows Admin Center (WAC), affecting versions up to 2.4.2.1 and environments running WAC 2411 and earlier. Tracked as CVE-2025-64669, the ...
-
hackread.com
JumpCloud Remote Assist Flaw Lets Users Gain Full Control of Company Devices
A major security problem has been found in the JumpCloud Remote Assist for Windows agent, a tool used by over 180,000 organisations across 160 countries to manage their computers. This issue could all ...
-
security.nl
Google en Microsoft melden misbruik van kritiek React2Shell-lek
Aanvallers maken misbruik van een kritieke kwetsbaarheid in React Server Components, ook bekend als React2Shell en CVE-2025-55182, zo stellen Microsoft en Google in analyses.Daarbij spreekt Google zel ...
-
CybersecurityNews
FreePBX Vulnerabilities Enables Authentication Bypass that Leads Remote Code Execution
FreePBX has addressed critical vulnerabilities enabling authentication bypass and remote code execution in its Endpoint Manager module. Discovered by Horizon3.ai researchers, these flaws affect teleph ...
-
The Hacker News
Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure
Dec 16, 2025Ravie LakshmananCloud Security / Vulnerability Amazon's threat intelligence team has disclosed details of a "years-long" Russian state-sponsored campaign that targeted Western critical i ...