CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot
Researchers at firmware security firm Binarly have found six new flaws in U-Boot, the small program that starts up hardware as varied as home routers, smart cameras, and the management chips inside da ...
-
The Cyber Express
The Cyber Express Weekly Roundup: Campus Cyberattack, Januscape VM Escape, Router Backdoors, UniFi Flaw, and Wireshark Security Updates
Enterprise infrastructure is increasingly under pressure as attackers and researchers alike expose weaknesses across the technology stack. This week, a confirmed university cyberattack, a critical Lin ...
-
cert.pl
Vulnerability in BitWizard mtr software
Vulnerability in BitWizard mtr software CVE ID CVE-2026-14461 Publication date 10 July 2026 Vendor BitWizard Product mtr Vulnerable versions All through 0.96 Vulnerability type (CWE) Out-of-bounds rea ...
-
The Hacker News
Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Servers
A single wrong variable on one line in XQUIC, Alibaba's QUIC and HTTP/3 library, lets any remote client crash the server with a short burst of completely legal traffic. There is no patch. FoxIO resear ...
-
The Hacker News
Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites
A cybercrime crew left one of its own servers wide open on the internet for three weeks, and it exposed the operation's inner workings: the hacking tools, the activity logs, and target lists naming mo ...
-
The Hacker News
Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking
Researchers ran 281 of the most popular free VPN apps on the Google Play Store through a new testing system and found that many fail at the basics people install a VPN for, i.e., keeping their traffic ...
-
cert.pl
Vulnerabilities in R-SOFT DMS software
Vulnerabilities in R-SOFT DMS software CVE ID CVE-2026-41876 Publication date 10 July 2026 Vendor R-SOFT SERWIS Product DMS Vulnerable versions All before v3.19-2752 All before v3.17-2580 Vulnerabili ...
-
The Hacker News
Attackers Exploit 'Ill Bloom' Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets
Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words that ...
-
The Cyber Express
Ubiquiti Fixes Critical CVE-2026-50746 and Multiple UniFi OS Vulnerability Flaws
Ubiquiti has released security updates to address several critical security flaws, led by CVE-2026-50746, a maximum-severity UniFi OS vulnerability with a CVSS score of 10.0. Published in Security Adv ...
-
Ars Technica
Patch for Windows Defender 0-day could allow attackers to fill hard disk
A patch Microsoft released on Wednesday to fix a zero-day vulnerability in its Defender security engine may cause Windows machines to write files large enough to completely consume available disk spac ...