CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
reddit.com
Django SQL Injection in RasterField lookup (CVE-2026-1207)
Let us know your cookie preferences Reddit uses cookies and similar technologies to: Keep the website operational and running properly Prevent fraud and abuse Monitor site usage and performance metric ...
-
Zero Day Initiative
CVE-2025-6978: Arbitrary Code Execution in the Arista NG Firewall
In this excerpt of a TrendAI Research Services vulnerability report, Jonathan Lein and Simon Humbert of the TrendAI Research team detail a recently patched command injection vulnerability in the Arist ...
-
Help Net Security
CISA confirms exploitation of VMware ESXi flaw by ransomware attackers
CVE-2025-22225, a VMware ESXi arbitrary write vulnerability, is being used in ransomware campaigns, CISA confirmed on Wednesday by updating the vulnerability’s entry in its Known Exploited Vulnerabili ...
-
Kaspersky
SIEM Rules for detecting exploitation of vulnerabilities in FortiCloud SSO
SIEM Kaspersky SIEM got a set of correlation rules for detecting attempts to exploit vulnerabilities for authentication bypass in Fortinet products. Igor Talankin February 5, 2026 Over the past two mo ...
-
CybersecurityNews
170+ SolarWinds Help Desk Installations Vulnerable to RCE Attacks Exposed Online
SolarWinds Help Desk Installations Vulnerable Over 170 SolarWinds Web Help Desk installations remain vulnerable to a critical remote code execution (RCE) flaw that has been actively exploited in the w ...
-
CybersecurityNews
Critical n8n Vulnerability Enables System Command Execution Via Weaponized Workflows
n8n Vulnerability A critical remote code execution (RCE) vulnerability in n8n, the popular workflow automation platform. This flaw allows authenticated attackers to execute arbitrary system commands o ...
-
The Hacker News
ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next.Researchers tracked intrusions that start in ordinary places: d ...
-
The Register
n8n security woes roll on as new critical flaws bypass December fix
Multiple newly disclosed bugs in the popular workflow automation tool n8n could allow attackers to hijack servers, steal credentials, and quietly disrupt AI-driven business processes. The vulnerabilit ...
-
cert.pl
Vulnerabilities in Quick.Cart software
Vulnerabilities in Quick.Cart software CVE ID CVE-2026-23796 Publication date 05 February 2026 Vendor OpenSolution Product Quick.Cart Vulnerable versions 6.7 Vulnerability type (CWE) Session Fixation ...
-
The Hacker News
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coin ...