CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
KnowledgeDeliver LMS Zero-Day Exploited to Deploy BLUEBEAM Web Shell
A newly disclosed zero-day vulnerability in the KnowledgeDeliver Learning Management System (LMS) has been actively exploited in the wild to deploy the BLUEBEAM in-memory web shell, according to Mandi ...
-
cert.pl
Vulnerability in Szafir SDK software
Vulnerability in Szafir SDK software CVE ID CVE-2026-9058 Publication date 25 May 2026 Vendor Krajowa Izba Rozliczeniowa Product Szafir SDK Vulnerable versions All before 463 Vulnerability type (CWE) ...
-
The Hacker News
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent th ...
-
Google Cloud
Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability
Written by: Takahiro Sugiyama, Peter Revelant, Mathew Potaczek Introduction In late 2025, Mandiant responded to a security incident involving a compromised web server running KnowledgeDeliver. Knowled ...
-
0patch.com
Micropatches released for Windows Shell Link Processing Spoofing Vulnerability (CVE-2026-25185)
March 2026 Windows Updates brought a patch for CVE-2026-25185, a flaw in Windows Explorer's processing of .LNK files that allowed an attacker to force user's computer to authenticate to a malicious se ...
-
The Hacker News
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity ...
-
cert.pl
Vulnerability in Kenik cameras software
Vulnerability in Kenik cameras software CVE ID CVE-2026-7766 Publication date 25 May 2026 Vendor Kenik Product KG-5230TAS-IL-3, KG-5230TAS-IL-G3, KG-5230DAS-IL-G3, KG-5260TZAS-IL-3, KG-5260DZAS-IL-3, ...
-
cert.pl
Vulnerability in Lifetime software
Vulnerability in Lifetime software CVE ID CVE-2026-40127 Publication date 25 May 2026 Vendor OutSystems Product Lifetime Vulnerable versions All before 11.28.2.3955 Vulnerability type (CWE) Authorizat ...
-
CybersecurityNews
Hackers Actives Scanning SonicWall Firewall Interfaces – 597,000 Sessions Observed
A sharp rise in internet-wide scanning activity targeting SonicWall firewall management interfaces has been detected, raising concerns about a potential pre-disclosure reconnaissance phase tied to new ...
-
CybersecurityNews
CISA Warns of Drupal Core SQL Injection Vulnerability Exploited in Attacks
CISA has issued an urgent alert regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in real-world attacks. The flaw, classi ...