CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Critical React2Shell flaw exploited in ransomware attacks
A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate networks and deployed the file-encrypting malware less than a minute later. Reac ...
-
CybersecurityNews
Microsoft Desktop Windows Manager Out-Of-Bounds Vulnerability Let Attackers Escalate Privileges
Microsoft has confirmed a critical out-of-bounds vulnerability in the Desktop Window Manager (DWM) that allows local attackers to escalate privileges to SYSTEM on affected Windows systems. The vulnera ...
-
Red Canary
Red Canary’s best of 2025
A look back at the year’s most popular research, guides, videos, and more. December 17, 20252025 brought some big changes to Red Canary; you might have noticed some more blue in our branding. But even ...
-
The Hacker News
New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails
Dec 17, 2025Ravie LakshmananVulnerability / Malware The threat actor linked to Operation ForumTroll has been attributed to a fresh set of phishing attacks targeting individuals within Russia, accord ...
-
Help Net Security
Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718)
Attackers are exploiting a recently revealed vulnerability (CVE-2025-59718) to bypass authentication on Fortinet’s FortiGate firewalls, and are leveraging the achieved access to export their system co ...
-
CybersecurityNews
CISA Adds Fortinet Vulnerability to KEV Catalog After Active Exploitation
CISA has officially added CVE-2025-59718 to its Known Exploited Vulnerabilities (KEV) catalog on December 16, 2025. Designating a critical deadline of December 23, 2025, for organizations to apply nec ...
-
CybersecurityNews
CISA Warns of Gladinet CentreStack and Triofox Vulnerability Exploited in Attacks
CISA issued a critical warning regarding a hardcoded cryptographic key vulnerability affecting Gladinet CentreStack and Triofox file management solutions. The vulnerability, tracked as CVE-2025-14611, ...
-
CybersecurityNews
Chrome Zero-Day Vulnerabilities Exploited in 2025 – A Comprehensive Analysis
Throughout 2025, Google addressed a significant wave of actively exploited zero-day vulnerabilities affecting its Chrome browser, patching a total of eight critical flaws that threatened billions of u ...
-
CybersecurityNews
NVIDIA Isaac Lab Vulnerability Let Attackers Execute Malicious Code
A critical security update addressing a dangerous deserialization vulnerability in NVIDIA Isaac Lab, a component of the NVIDIA Isaac Sim framework. The flaw could allow attackers to execute arbitrary ...
-
Daily CyberSecurity
Prompt to Play: YouTube’s New Gemini 3 Tool Lets Creators Speak Games Into Existence
Google’s fixation on embedding AI across all of its services appears boundless. Following earlier experiments with the “Playables” mini-game feature on YouTube, YouTube Gaming has now announced an ope ...