CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical IKEv2 Buffer Overflow and CAS Bypass Hit Palo Alto PAN-OS
Palo Alto Networks has released a series of important security updates addressing multiple vulnerabilities across its PAN-OS software. The most alarming of these is a buffer overflow in IKEv2 processi ...
-
CybersecurityNews
Langflow CVE-2026-33017 Exploited to Steal AWS Keys and Deploy NATS Worker
Attackers are now abusing a fresh Langflow vulnerability to quietly steal cloud keys and turn victim systems into workers for a new NATS based botnet. This campaign shows how a single exposed AI workf ...
-
The Cyber Express
Exim BDAT Vulnerability Exposes Email Servers to Remote Attacks
A newly revealed Exim BDAT vulnerability is affecting some email server setups that use Exim as their Mail Transfer Agent (MTA), prompting security attention due to its severity. Tracked as CVE-2026-4 ...
-
CybersecurityNews
Windows DNS Client Vulnerability Enables Remote Code Execution Attacks
A newly disclosed vulnerability in the Microsoft Windows DNS Client could let attackers silently execute malicious code across enterprise networks, exposing a massive attack surface. Officially design ...
-
The Hacker News
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to ...
-
CybersecurityNews
Critical 18-Year-Old NGINX Vulnerability Enables Remote Code Execution Attacks
A critical heap buffer overflow vulnerability has been discovered in the source code of NGINX, present since 2008. This vulnerability has been publicly disclosed, along with a working proof-of-concept ...
-
The Hacker News
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years. The vulnerability, disc ...
-
CybersecurityNews
Critical MongoDB Vulnerability Allow Attackers to Execute Arbitrary Code
A newly disclosed critical vulnerability in MongoDB could allow threat actors to execute arbitrary code, potentially handing them complete control over affected servers and exposing millions of record ...
-
CybersecurityNews
The Gentlemen RaaS Leverages Fortinet and Cisco Edge Devices for Initial Access
A ransomware group that only surfaced in mid-2025 has already made a significant mark on the threat landscape. The Gentlemen, a ransomware-as-a-service (RaaS) operation, has quickly risen to become on ...
-
Daily CyberSecurity
200K Sites at Risk: 9.8 CVSS RCE via Burst Statistics Auth Bypass Exploited in the Wild
In a major discovery for the WordPress ecosystem, PRISM, Wordfence Threat Intelligence’s autonomous vulnerability research platform, has identified a critical authentication bypass vulnerability in Bu ...