CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Hackread - Cybersecurity News, Data Breaches, AI and More
15-Year-Old strongSwan Flaw Lets Attackers Crash VPNs via Integer Underflow
A 15-year-old flaw in strongSwan’s EAP-TTLS plugin could let hackers knock VPNs offline. Research from Bishop Fox reveals how a simple math error leads to massive memory corruption and service collaps ...
-
Daily CyberSecurity
High-Severity RCE Discovered in Foreman’s WebSocket Proxy
Security researchers have identified a high-severity vulnerability in Foreman, the popular open-source lifecycle management tool used by system administrators to provision and orchestrate thousands of ...
-
Daily CyberSecurity
Critical 9.6 CVSS OIDC Flaws in OpenBao Turn “Direct Login” Into a Phishing Trap
The OpenBao community, the open-source initiative dedicated to managing and distributing sensitive data like secrets and certificates, has released a high-priority security update. Two significant vul ...
-
Daily CyberSecurity
The Weakest Link: Popular Node.js Config Library “Convict” Hit by Prototype Pollution
A critical vulnerability has been uncovered in node-convict, the widely used configuration management library designed to make Node.js applications more robust. The flaw, tracked as CVE-2026-33864, ca ...
-
The Hacker News
⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More
Some weeks are loud. This one was quieter but not in a good way. Long-running operations are finally hitting courtrooms, old attack methods are showing up in new places, and research that stopped bein ...
-
The Register
Citrix NetScaler bug exploited in days, may be multiple flaws in a trench coat
In-the-wild exploitation of a critical Citrix NetScaler bug has begun less than a week after disclosure, with researchers warning that attackers are already poking and pillaging vulnerable boxes. Last ...
-
0patch.com
Micropatches released for Arbitrary Registry Key Delete As Local System With Consolidator Scheduled Task (CVE-2025-59512)
November 2025 Windows Updates brought a patch for CVE-2025-59512, a local privilege escalation vulnerability in Customer Experience Improvement Program, allowing a low-privileged Windows user to delet ...
-
Daily CyberSecurity
Critical 9.3 CVSS RCE Vulnerability Hit in OpenTelemetry Java Agent
A critical vulnerability has been uncovered in the OpenTelemetry Instrumentation for Java, a popular tool used by developers to gather performance data without changing a single line of application co ...
-
Help Net Security
Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)
A critical SQL injection vulnerability (CVE-2026-21643) in Fortinet FortiClient Endpoint Management Server (EMS), a management server for FortiClient endpoint agents on various platforms, is under act ...
-
Daily CyberSecurity
The 30-Year Glitch: RCE and ARM Exploits Uncovered in libpng Reference Library
Security researchers have disclosed two significant vulnerabilities in libpng, the official reference library for Portable Network Graphics (PNG). The flaws, which impact versions spanning decades of ...