CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Palo Alto Networks Firewalls Hit by Unauthenticated GlobalProtect DoS Flaw
Palo Alto Networks has issued a warning to network administrators worldwide after discovering a high-severity vulnerability in its PAN-OS software that could allow attackers to effectively shut down f ...
-
Daily CyberSecurity
HPE Aruba Patches High-Severity DoS and Data Leak Flaws in Instant On Devices
HPE Networking has released a critical software patch for its popular Instant On series of access points and routers, addressing a trio of high-severity vulnerabilities that could allow attackers to c ...
-
Daily CyberSecurity
Zoho Patches Critical “9.1” Flaw in ADSelfService Plus
ManageEngine has issued a critical security alert for ADSelfService Plus, its widely used self-service password management and single sign-on solution. The vendor has patched a high-severity vulnerabi ...
-
Daily CyberSecurity
One API Call to Hijack: Critical Cal.com Flaw (CVE-2026-23478, CVSS 10) Bypasses 2FA
A critical security vulnerability has been found in Cal.com, the popular open-source scheduling platform used by individuals and enterprises worldwide. Tracked as CVE-2026-23478, the flaw carries the ...
-
Daily CyberSecurity
High-Severity Flaws in HPE Aruba Networking Expose Mobility Controllers to Attack
HPE Aruba Networking has released a critical security advisory patching a swarm of vulnerabilities across its AOS-8 and AOS-10 operating systems. The flaws, which affect Mobility Conductors, Controlle ...
-
Daily CyberSecurity
Command Injection Alert: High-Severity Flaws Hit LoadMaster & MOVEit WAF
Progress Software Corporation has kicked off the 2026 security calendar with an important update for its network infrastructure products. On January 12, 2026, the vendor released patches addressing tw ...
-
BleepingComputer
Exploit code public for critical FortiSIEM command injection flaw
Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a remo ...
-
CybersecurityNews
New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive Data
A novel single-click attack targeting Microsoft Copilot Personal that enables attackers to silently exfiltrate sensitive user data. The vulnerability, now patched, allowed threat actors to hijack sess ...
-
BleepingComputer
Microsoft updates Windows DLL that triggered security alerts
Microsoft has resolved a known issue that was causing security applications to incorrectly flag a core Windows component, the company said in a service alert posted this week. The list of affected sys ...
-
CybersecurityNews
Critical FortiSIEM Vulnerability(CVE-2025-64155) Enable Full RCE and Root Compromise
In August 2025, Fortinet issued an advisory for CVE-2025-25256, an OS command injection vulnerability (CWE-78) in FortiSIEM that exposed the platform to unauthenticated remote code execution via craft ...