CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Node.js Alert: systeminformation Flaw Risks Windows RCE for 16M+ Monthly Users
A high-severity vulnerability has been uncovered in systeminformation, a massively popular Node.js library used by millions of developers to retrieve system metrics. Tracked as CVE-2025-68154, the fla ...
-
Daily CyberSecurity
Self-Hosting No Longer Free: GitHub Introduces New $0.002/Min Platform Fee for Actions
Microsoft-owned code hosting platform GitHub has announced a new pricing change for its Actions service. Previously, GitHub Actions offered a free control plane: as long as workflows ran on servers no ...
-
The Register
Attacks pummeling Cisco AsyncOS 0-day since late November
Suspected Chinese-government-linked threat actors have been battering a maximum-severity Cisco AsyncOS zero-day vulnerability in some Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) ...
-
Help Net Security
Cisco email security appliances rooted and backdoored via still unpatched zero-day
A suspected Chinese-nexus threat group has been compromising Cisco email security devices and planting backdoors and log-purging tools on them since at least late November 2025, Cisco Talos researcher ...
-
BleepingComputer
Cisco warns of unpatched AsyncOS zero-day exploited in attacks
Cisco warned customers today of an unpatched, maximum-severity Cisco AsyncOS zero-day actively exploited in attacks targeting Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) applia ...
-
CybersecurityNews
Operation ForumTrol Known for Exploiting Chrome 0-Day Attacking Users With New Phishing Campaign
Operation ForumTrol, an advanced persistent threat group, has launched a new targeted phishing campaign against Russian political scientists and researchers. This sophisticated operation continues the ...
-
The Hacker News
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances
Dec 17, 2025Ravie LakshmananVulnerability / Network Security SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been activ ...
-
BleepingComputer
Sonicwall warns of new SMA1000 zero-day exploited in attacks
SonicWall warned customers today to patch a vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC) that was chained in zero-day attacks to escalate privileges. According to SonicWal ...
-
Help Net Security
Actively exploited SonicWall zero-day patched (CVE-2025-40602)
SonicWall has patched a local privilege escalation vulnerability (CVE-2025-40602) affecting its Secure Mobile Access (SMA) 1000 appliances and is urging customers to apply the provided hotfix, as the ...
-
security.nl
Cisco waarschuwt voor misbruik van kritiek lek in Secure Email Gateway
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid voor het aanvallen van Cisco Secure Email Gateway en Cisco Secure Email & Web Manager en een beveiligingsupdate is niet beschikbaar, zo ...