CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities hard ...
-
The Hacker News
New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit for Microsoft Defender. " ...
-
The Hacker News
The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leverag ...
-
TheCyberThrone
Ivanti June 2026 — Vulnerability Advisory Deep Dive
CVE-2026-10520 | Ivanti Sentry | CVSS 10.0 — OS Command InjectionVulnerability class: CWE-78 — OS Command InjectionAttack vector: Network | No authentication | No user interactionThe flaw resides in t ...
-
Google Cloud
ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit
Introduction Mandiant and Google Threat Intelligence Group (GTIG) have identified an active compromise and extortion campaign attributed to UNC6240 (ShinyHunters) targeting Oracle PeopleSoft applicati ...
-
The Hacker News
ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories
It's been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there's a supply chain attack kit in a public repo, a $5,000-a-mon ...
-
security.nl
Time4Popcorn-lek laat aanvaller malafide updates bij gebruikers installeren
Een kwetsbaarheid in de software Time4Popcorn maakt het mogelijk voor aanvallers om malafide updates bij gebruikers te installeren en zo het systeem met malware te infecteren. De software wordt niet m ...
-
security.nl
ShinyHunters claimt datadiefstal van honderden Oracle PeopleSoft-servers
De criminele groepering ShinyHunters claimt dat het van honderden Oracle PeopleSoft-servers data heeft gestolen. Dat meldt een beveiligingsonderzoeker op X. De aanvallen zijn gericht tegenover zowel ...
-
cert.pl
Vulnerability in Golem OEE MES software
Vulnerability in Golem OEE MES software CVE ID CVE-2026-8464 Publication date 11 June 2026 Vendor Neuron Soft Product Golem OEE MES Vulnerable versions All before 11.6.0 Vulnerability type (CWE) Impro ...
-
security.nl
Grootschalig misbruik van nieuwe Ivanti Sentry-kwetsbaarheid gemeld
Aanvallers maken op grote schaal misbruik van een kritieke kwetsbaarheid in Ivanti Sentry, waarbij servers van een backdoor worden voorzien, zo waarschuwt The Shadowserver Foundation op basis van eige ...