CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Cisco finally fixes max-severity bug under active attack for weeks
Cisco finally delivered a fix for a maximum-severity bug in AsyncOS that has been under attack for at least a month. The networking giant disclosed the vulnerability, tracked as CVE-2025-20393, on Dec ...
-
The Register
Flipping one bit leaves AMD CPUs open to VM vuln
If you use virtual machines, there's reason to feel less-than-Zen about AMD's CPUs. Computer scientists affiliated with the CISPA Helmholtz Center for Information Security in Germany have found a vuln ...
-
BleepingComputer
Hackers exploit Modular DS WordPress plugin flaw for admin access
Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass authentication remotely and access the vulnerable sites with admin-level privilege ...
-
CybersecurityNews
Fortinet FortiSIEM Vulnerability CVE-2025-64155 Actively Exploited in Attacks
Fortinet FortiSIEM vulnerability CVE-2025-64155 is under active exploitation, as confirmed by Defused through their honeypot deployments. This critical OS command injection flaw enables unauthenticat ...
-
CybersecurityNews
Azure Identity Token Vulnerability Enables Tenant-Wide Compromise in Windows Admin Center
A high-severity vulnerability in Windows Admin Center’s Azure Single Sign-On implementation has exposed Azure virtual machines and Arc-connected systems to unauthorized access across entire tenants. C ...
-
BleepingComputer
Critical flaw lets hackers track, eavesdrop via Bluetooth audio devices
Security researchers have discovered a critical vulnerability in Google's Fast Pair protocol that can allow attackers to hijack Bluetooth audio accessories, track users, and eavesdrop on their convers ...
-
The Hacker News
Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access
Jan 15, 2026Ravie LakshmananWeb Security /Vulnerability A maximum-severity security flaw in a WordPress plugin called Modular DS has come under active exploitation in the wild, according to Patchsta ...
-
CybersecurityNews
Windows Remote Assistance Vulnerability Allow Attacker to Bypass Security Features
Critical security updates addressing CVE-2026-20824, a protection mechanism failure in Windows Remote Assistance that permits attackers to circumvent the Mark of the Web (MOTW) defense system. The vul ...
-
The Hacker News
ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories
The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere.This week's stories show how fast attackers change their tricks, how small mistakes turn into big ...
-
Help Net Security
PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155)
A critical vulnerability (CVE-2025-64155) in Fortinet’s FortiSIEM security platform has now been accompanied by publicly released proof-of-concept (PoC) exploit code, raising the urgency for organizat ...