CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
China-linked hackers exploited Sitecore zero-day for initial access
An advanced threat actor tracked as UAT-8837 and believed to be linked to China has been focusing on critical infrastructure systems in North America, gaining access by exploiting both known and zero- ...
-
Help Net Security
Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393)
Cisco has finally shipped security updates for its Email Security Gateway and Secure Email and Web Manager devices, which fix CVE-2025-20393, a vulnerability in the devices’ AsyncOS that has been expl ...
-
The Register
RondoDox botnet linked to large-scale exploit of critical HPE OneView bug
A critical HPE OneView flaw is now being exploited at scale, with Check Point tying mass, automated attacks to the RondoDox botnet. The security outfit says it has identified "large-scale exploitation ...
-
security.nl
'Aanvallers maken actief misbruik van kritiek lek in Fortinet FortiSIEM'
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in Fortinet FortiSIEM waarvoor op 13 januari beveiligingsupdates verschenen, zo meldt securitybedrijf Defused. FortiSIEM is een Security ...
-
TheCyberThrone
Cisco Finaly Patches Critical AsyncOS Zero-Day: CVE-2025-20393
January 16, 2026Cisco has released patches for a maximum-severity AsyncOS vulnerability (CVE-2025-20393) that was actively exploited by a China-linked APT group since November 2025. The flaw, carrying ...
-
BleepingComputer
Hackers now exploiting critical Fortinet FortiSIEM flaw in attacks
A critical Fortinet FortiSIEM vulnerability with publicly available proof-of-concept exploit code is now being abused in attacks. According to security researcher Zach Hanley at penetration testing co ...
-
CybersecurityNews
Cisco 0-Day RCE Secure Email Gateway Vulnerability Exploited in the Wild
Cisco has confirmed active exploitation of a critical zero-day remote code execution vulnerability in its Secure Email Gateway and Secure Email and Web Manager appliances. Tracked as CVE-2025-20393, t ...
-
security.nl
Cisco komt na maand met update voor misbruikt lek in Secure Email Gateway
Cisco heeft beveiligingsupdates uitgebracht voor een actief misbruikte kwetsbaarheid in de Cisco Secure Email Gateway en Cisco Secure Email & Web Manager die al een maand bekend is. Via het kritieke b ...
-
security.nl
WordPress-sites aangevallen via kritiek lek in plug-in Modular DS
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in de plug-in Modular DS voor het aanvallen en overnemen van WordPress-sites. Een beveiligingsupdate is inmiddels beschikbaar, maar het ...
-
BleepingComputer
Cisco finally fixes AsyncOS zero-day exploited since November
Cisco has finally patched a maximum-severity Cisco AsyncOS zero-day exploited in attacks against Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances since November 2025. As ...