CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical Unauthenticated MongoDB Flaw Leaks Sensitive Data via zlib Compression
A critical vulnerability was disclosed in MongoDB, one of the world’s most popular NoSQL database platforms. The security flaw, tracked as CVE-2025-14847, allows attackers to siphon sensitive data fro ...
-
Daily CyberSecurity
Identity Theft in M-Files: High-Severity Flaw Lets Insiders Hijack User Accounts and Access Sensitive Data
M-Files, the intelligent information management platform used by enterprises to organize their documents, has issued a security advisory addressing two distinct vulnerabilities. The most critical of t ...
-
Daily CyberSecurity
AI-Generated Decoys & XLL Stealth: Inside the New “EchoGather” Cyber Espionage Campaign
A cyber-espionage group known for hunting Russian organizations has upgraded its arsenal, deploying malicious Excel add-ins to slip past defenses and install a new backdoor. A new report from Intezer ...
-
Daily CyberSecurity
Zero-Day Alert: Linksys Auth Bypass Lets Hackers Hijack Routers Without Passwords
Image: CSIT A popular Wi-Fi 6 router found in thousands of homes has been blown wide open by security researchers, revealing a critical flaw that allows attackers to bypass login screens and seize ful ...
-
CybersecurityNews
PoC Exploit Released for Use-After-Free Vulnerability in Linux Kernel’s POSIX CPU Timers Implementation
A proof-of-concept (PoC) exploit has been publicly released for CVE-2025-38352, a race condition vulnerability affecting the Linux kernel’s POSIX CPU timer implementation. The flaw enables attackers t ...
-
CybersecurityNews
Microsoft Brokering File System Vulnerability Let Attackers Escalate Privileges
Microsoft has patched a significant use-after-free vulnerability in its Brokering File System (BFS) driver, tracked as CVE-2025-29970. The flaw enables local attackers to escalate privileges on Window ...
-
BleepingComputer
University of Phoenix data breach impacts nearly 3.5 million individuals
The Clop ransomware gang has stolen the data of nearly 3.5 million University of Phoenix (UoPX) students, staff, and suppliers after breaching the university's network in August. Headquartered in Phoe ...
-
hackread.com
Hackers Abuse Popular Monitoring Tool Nezha as a Stealth Trojan
A popular software tool used by website owners to check their server’s health is now being used by hackers to take complete control of computers. Researchers at the cybersecurity firm Ontinue have dis ...
-
The Hacker News
⚡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More
Dec 22, 2025Ravie LakshmananHacking News / Cybersecurity Cyber threats last week showed how attackers no longer need big hacks to cause big damage. They're going after the everyday tools we trust mo ...
-
Help Net Security
WatchGuard Firebox firewalls under attack (CVE-2025-14733)
More than 115,000 internet-facing WatchGuard Firebox firewalls may be vulnerable to compromise via CVE-2025-14733, a remote code execution vulnerability actively targeted by attackers, Shadowserver’s ...