CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Hackers Abuse Middle East Telecom Networks for Large-Scale Command-and-Control Operations
Hackers are using telecom networks and hosting providers across the Middle East as a foundation for massive command-and-control operations, turning trusted infrastructure into a launchpad for cyberatt ...
-
CybersecurityNews
Russian Threat Groups Use RDP, VPN, Supply Chain Attacks, and Social Engineering for Initial Access
Russian state-sponsored threat groups significantly stepped up their cyber operations in 2025, using a range of methods to break into targeted systems. From exploiting remote desktop tools and virtual ...
-
CybersecurityNews
Hackers Backdoor Popular art-template npm Package to Launch Watering-Hole Attacks
A widely-used JavaScript templating library called art-template has been weaponized to deliver a sophisticated iOS browser exploit kit through a supply chain attack. The backdoored package silently dr ...
-
CybersecurityNews
Hackers Use Six-Layer Persistence to Maintain Access on Compromised FreePBX Systems
A hacker group known as INJ3CTOR3 has been running an active campaign against FreePBX systems, deploying a newly discovered PHP webshell called JOMANGY that uses six separate persistence layers to sta ...
-
CybersecurityNews
Ubiquiti Patches Critical UniFi OS Vulnerabilities Allowing Remote Privilege Escalation
Ubiquiti Networks has released urgent security updates to address a series of highly critical vulnerabilities affecting its UniFi OS platform. These severe flaws could allow unauthenticated, remote at ...
-
Kaspersky
Breaking down the new Qualcomm chip vulnerability | Kaspersky official blog
Imagine handing your smartphone over for repair. A couple of days later, you pick it up — and great, it’s working again! But you won’t even realize that your device has been injected with malicious co ...
-
CybersecurityNews
CISA adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Langflow vulnerability, tracked as CVE-2025-34291, to its Known Exploited Vulnerabilities (KEV) Catalog, signaling ...
-
CybersecurityNews
CISA Warns of Microsoft Defender 0-Day Vulnerabilities Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Microsoft Defender vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, warning organizations o ...
-
TheCyberThrone
CISA adds Langflow and Trend Micro Apex One to KEV
May 22, 2026CVE-2025-34291 — Langflow Origin Validation Error (RCE)CVSS: 9.4CWE: CWE-346 — Origin Validation ErrorAffected Versions: Langflow ≤ 1.6.9Vulnerability SummaryResearchers at Obsidian Securi ...
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 21
The Good | Joint Operations Dismantle Cybercrime Infrastructure, Infostealers & Malicious VPNs Over 200 individuals and another 382 suspects have been rounded up in Interpol’s Operation Ramz, an initi ...