CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks
Dec 13, 2025Ravie LakshmananNetwork Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink A ...
-
Daily CyberSecurity
React2Shell: Max-Score RCE (CVSS 10.0) Triggers Widespread Exploitation by Espionage Groups & Miners
The cybersecurity landscape was jolted this month by the disclosure of a catastrophic vulnerability in one of the world’s most popular web development frameworks. Dubbed “React2Shell,” the flaw has tr ...
-
The Hacker News
Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
Dec 13, 2025Ravie LakshmananZero-Day / Vulnerability Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security fla ...
-
CybersecurityNews
Apple 0-Day Vulnerabilities Exploited in Sophisticated Attacks Targeting iPhone Users
Apple patches two WebKit zero-day flaws actively exploited in sophisticated attacks targeting specific iPhone users running iOS versions prior to 26. The iOS 26.2 and iPadOS 26.2 updates, released De ...
-
Daily CyberSecurity
Apache Airflow Flaws Leak Sensitive Credentials in UI via DAG Tracebacks & Template Rendering
The maintainers of Apache Airflow, the industry-standard platform for programmatic workflow authoring, have released a crucial security update to plug leaks that could expose sensitive credentials to ...
-
Daily CyberSecurity
Urgent: Apple Patches Two Critical WebKit Zero-Days Under Active Exploitation Against High-Risk Targets
Apple has issued an urgent security intervention for iPhone and iPad users, releasing patches for two critical zero-day vulnerabilities in the WebKit browser engine. In a concerning disclosure, the te ...
-
BleepingComputer
Apple fixes two zero-day flaws exploited in 'sophisticated' attacks
Apple has released emergency updates to patch two zero-day vulnerabilities that were exploited in an “extremely sophisticated attack” targeting specific individuals. The zero-days are tracked as CVE-2 ...
-
The Register
Microsoft RasMan DoS 0-day gets unofficial patch - and a working exploit
A Microsoft zero-day vulnerability that allows an unprivileged user to crash the Windows Remote Access Connection Manager (RasMan) service now has a free, unofficial patch - with no word as to when Re ...
-
The Register
New React vulns leak secrets, invite DoS attacks
If you're running React Server Components, you just can't catch a break. In addition to already-reported flaws, newly discovered bugs allow attackers to hang vulnerable servers and potentially leak Se ...
-
CybersecurityNews
Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide
Torrance, United States / California, December 12th, 2025, CyberNewsWire In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execu ...