CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Critical Johnson Controls Products Vulnerabilities Enables Remote SQL Injection Attacks
A critical advisory addressing a severe SQL injection vulnerability affecting multiple Johnson Controls industrial control system products. The vulnerability, tracked as CVE-2025-26385, carries a maxi ...
-
Help Net Security
Week in review: Microsoft fixes exploited Office zero-day, Fortinet patches FortiCloud SSO flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: When open science meets real-world cybersecurity In this Help Net Security interview, Matthew Kwiatkow ...
-
CybersecurityNews
SCADA Vulnerability Triggers DoS, Potentially Disrupting Industrial Operations
A medium-severity vulnerability in the Iconics Suite SCADA system that could allow attackers to trigger denial-of-service conditions on critical industrial control systems. The flaw, tracked as CVE-20 ...
-
CybersecurityNews
Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMail
The latest update to the Metasploit Framework this week provides a significant enhancement for penetration testers and red teamers, introducing seven new exploit modules targeting commonly used enterp ...
-
TheCyberThrone
Ivanti EPMM Zero-Days CVE-2026-1281 & CVE-2026-1340
January 31, 2026Ivanti has issued a critical security advisory for two zero-day remote code execution (RCE) vulnerabilities in Endpoint Manager Mobile (EPMM), actively exploited in the wild. CVE-2026- ...
-
The Register
January blues return as Ivanti coughs up exploited EPMM zero-days
Ivanti has patched two critical zero-day vulnerabilities in its Endpoint Manager Mobile (EPMM) product that are already being exploited, continuing a grim run of January security incidents for enterpr ...
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 5
The Good | U.S. Authorities Charge ATM Hackers, Dismantle Darkmarket, and Seize ‘RAMP’ Forum A U.S. federal grand jury has charged 31 defendants for their roles in an ATM jackpotting operation linked ...
-
reddit.com
Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340) - watchTowr Labs
Let us know your cookie preferences Reddit uses cookies and similar technologies to: Keep the website operational and running properly Prevent fraud and abuse Monitor site usage and performance metric ...
-
The Hacker News
Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access
Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of ...
-
CybersecurityNews
Attackers Hijacked 200+ Websites Exploiting Magento Vulnerability to Gain Root-level Access
A critical security breach has exposed multiple Magento e-commerce platforms worldwide as threat actors successfully exploited a severe authentication flaw to achieve complete system control. The atta ...