CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution
Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Steer the agent to load an attacker's web page, ...
-
The Cyber Express
The Cyber Express Weekly Roundup: Cybersecurity Weekly Round on Emerging Threats, Data Breaches, and Global Policy Shifts
This week’s weekly roundup of cybersecurity developments highlights an expanding intersection of cyber risk, regulatory action, and enterprise vulnerability. Across healthcare, technology platforms, g ...
-
The Cyber Express
CVE-2026-48907 and LiteSpeed cPanel Plugin Flaws Come Under Active Attack
Security researchers and software vendors warn that attackers are actively exploiting vulnerabilities in both Joomla and the LiteSpeed cPanel plugin, posing significant risks to website administrators ...
-
security.nl
Splunk waarschuwt voor actief misbruik van kritiek lek in Splunk Enterprise
Softwarebedrijf Splunk waarschuwt voor actief misbruik van een kritieke kwetsbaarheid in Splunk Enterprise waardoor een ongeauthenticeerde aanvaller code op het platform kan uitvoeren. Splunk kwam op ...
-
The Hacker News
Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone
Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users. The vulnerability, tracked as CVE-2025- ...
-
TheCyberThrone
The Vulnerabilities That Matter in Oracle’s June 2026 CSPU
1. CVE-2026-35273 — PeopleSoft PeopleTools EMHub (the one that actually got people breached)This is the standout, and it’s worth walking through the full timeline because it’s a textbook case of zero- ...
-
Ars Technica
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
Security firm Sentinel One has a deeper dive into CVE-2025-20701 here. Heinze and Steinmetz said last year that the full chain of attacks gave attackers the ability to do other malicious things, inclu ...
-
The Hacker News
F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution
Ravie LakshmananJun 18, 2026Vulnerability / Cloud Security F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to achieve code execut ...
-
The Hacker News
ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories
The internet did not break this week. It got used exactly as designed, which is worse.Searches were siphoned through shady browser add-ons. AI chat links turned into malware delivery paths. macOS atta ...
-
The Hacker News
INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023
Cybersecurity researchers have charted the evolution of INC from an nascent ransomware-as-a-service (RaaS) operation to one of the most prolific cybercrime groups in 2026, claiming no less than 830 vi ...