CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
Mozilla fixes multiple Sandbox escape Bugs
January 17, 2026The most recent Mozilla Firefox sandbox escape vulnerabilities were disclosed in January 2026 as part of Firefox security updates. These critical flaws affect multiple components and r ...
-
Daily CyberSecurity
CodeBreach: Missing Regex Anchors Exposed AWS Console to Takeover
Image: Wiz Research A seemingly minor misconfiguration in a regular expression could have allowed attackers to seize control of critical AWS infrastructure, potentially compromising millions of cloud ...
-
Daily CyberSecurity
Keylogger Found Harvesting Credentials on Top US Bank’s Employee Store
Image: Sansec Security researchers at Sansec have discovered an active keylogger planted on the employee merchandise store of a “top 3 US bank,” potentially exposing the credentials and personal data ...
-
Daily CyberSecurity
CVE-2025-60021: Apache bRPC Flaw Opens Door to Remote Command Injection
Apache has issued an important fix for bRPC, its industrial-grade C++ RPC framework used to power some of the world’s most demanding systems. The vulnerability, tracked as CVE-2025-60021, is rated as ...
-
Daily CyberSecurity
Microsoft Kills the Last Vista-Era Server Lifecycle
In 2008, Microsoft unveiled Windows Server 2008, a server-oriented operating system predicated on the Windows Vista/Longhorn architecture. Serving as the successor to Windows Server 2003, this iterati ...
-
Daily CyberSecurity
The End of Rationing: Google Boosts Gemini Limits and Unbundles Model Quotas
Google recently intimated that it would recalibrate usage quotas for its subscribers—a move that, despite its vague phrasing, effectively entails a reduction in the daily Google Gemini allocation. For ...
-
BleepingComputer
China-linked hackers exploited Sitecore zero-day for initial access
An advanced threat actor tracked as UAT-8837 and believed to be linked to China has been focusing on critical infrastructure systems in North America, gaining access by exploiting both known and zero- ...
-
Help Net Security
Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393)
Cisco has finally shipped security updates for its Email Security Gateway and Secure Email and Web Manager devices, which fix CVE-2025-20393, a vulnerability in the devices’ AsyncOS that has been expl ...
-
The Register
RondoDox botnet linked to large-scale exploit of critical HPE OneView bug
A critical HPE OneView flaw is now being exploited at scale, with Check Point tying mass, automated attacks to the RondoDox botnet. The security outfit says it has identified "large-scale exploitation ...
-
security.nl
'Aanvallers maken actief misbruik van kritiek lek in Fortinet FortiSIEM'
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in Fortinet FortiSIEM waarvoor op 13 januari beveiligingsupdates verschenen, zo meldt securitybedrijf Defused. FortiSIEM is een Security ...