CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws
Today is Microsoft's January 2026 Patch Tuesday with security updates for 114 flaws, including one actively exploited and two publicly disclosed zero-day vulnerabilities.This Patch Tuesday also addres ...
-
The Cyber Express
What Is a DNS Attack? Understanding the Risks and Threats
In 2026, when websites, apps, and online services drive nearly every aspect of daily life, the Domain Name System (DNS) acts as the internet’s unsung hero. It serves as the bridge between humans and m ...
-
CybersecurityNews
Node.js Security Release Patches 7 Vulnerabilities Across All Release Lines
Node.js issued critical security updates across its active release lines on January 13, 2026, patching vulnerabilities that could lead to memory leaks, denial-of-service attacks, and permission bypass ...
-
CybersecurityNews
8000+ SmarterMail Hosts Vulnerable to RCE Attack – PoC Exploit Released
Over 8,000 internet-exposed SmarterMail servers remain vulnerable to a critical remote code execution flaw tracked as CVE-2025-52691, according to scans conducted on January 12, 2026. Security researc ...
-
CybersecurityNews
Critical OpenSSH Vulnerability Exposes Moxa Ethernet Switches to Remote Code Execution
Moxa has issued a critical security advisory regarding CVE-2023-38408, a severe vulnerability in OpenSSH affecting multiple Ethernet switch models. The flaw, with a CVSS 3.1 score of 9.8, allows unaut ...
-
The Hacker News
[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl
Jan 13, 2026The Hacker NewsArtificial Intelligence / Automation Security AI agents are no longer just writing code. They are executing it. Tools like Copilot, Claude Code, and Codex can now build, t ...
-
The Register
Federal agencies told to fix or ditch Gogs as exploited zero-day lands on CISA hit list
CISA has ordered federal agencies to stop using Gogs or lock it down immediately after a high-severity vulnerability in the self-hosted Git service was added to its Known Exploited Vulnerabilities (KE ...
-
The Hacker News
ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation
Jan 13, 2026Ravie LakshmananVulnerability / SaaS Security ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthent ...
-
security.nl
VS meldt actief misbruik van path traversal-lek in Git-service Gogs
Aanvallers maken actief misbruik van een path traversal-lek in Git-service Gogs, zo laat het Amerikaanse cyberagentschap CISA weten. Volgens securitybedrijf Wiz wordt het beveiligingslek al zeker sind ...
-
CybersecurityNews
Critical ServiceNow Vulnerability Enables Privilege Escalation Via Unauthenticated User Impersonation
A critical security threat to ServiceNow AI Platform deployments, allowing unauthenticated attackers to impersonate legitimate users and execute unauthorized operations. The vulnerability, CVE-2025-12 ...