CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Keycloak Under Siege: Patch Now to Stop Token Theft and Account Takeovers
The popular open-source identity and access management solution Keycloak has released a critical security update, version 26.5.7, addressing a series of vulnerabilities that could allow attackers to b ...
-
Daily CyberSecurity
CVE-2026-34838 (CVSS 10): Critical RCE Flaw Uncovered in GroupOffice CRM
In a significant discovery for enterprises and public sector organizations, a critical security vulnerability has been unmasked in GroupOffice, the popular open-source CRM and groupware suite. The fla ...
-
Daily CyberSecurity
Critical RCE and SQLi Flaws Shatter mbCONNECT24 Industrial Security
In a significant alert for the industrial automation sector, CERT@VDE has disclosed a series of high-severity vulnerabilities affecting the mbCONNECT24 and mymbCONNECT24 remote service platforms. Thes ...
-
The Hacker News
⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More
This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks didn’t even need much effort because the path was already there. One ...
-
Daily CyberSecurity
Whitespace Flaw Re-Opens Critical JWT “Algorithm Confusion” Bypass
Security researchers have disclosed two major vulnerabilities within fast-jwt, a high-performance library used to implement JSON Web Tokens (JWT). The flaws reveal that even minor oversights in code l ...
-
CybersecurityNews
Apache Traffic Server Vulnerabilities Let Attackers Trigger DoS Attack
The Apache Software Foundation has released emergency security updates to address two severe vulnerabilities in the Apache Traffic Server (ATS). ATS operates as a high-performance web proxy cache that ...
-
CybersecurityNews
Critical Dgraph Database Vulnerability Let Attackers Bypass Authentication
A maximum-severity vulnerability in Dgraph, a popular open-source graph database. Tracked as CVE-2026-34976, this critical flaw carries a perfect CVSS score of 10.0. It allows unauthenticated remote a ...
-
The Cyber Express
A Compromised Tool Opened the Door to a 91GB European Commission Data Leak
The European Commission cloud breach did not begin with a dramatic system hack or a visible outage. It started quietly, with a trusted tool, a routine update, and a single compromised credential. With ...
-
CybersecurityNews
CISA Adds TrueConf Vulnerability to KEV Catalog Following Active Exploitation
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting TrueConf software to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as C ...
-
CybersecurityNews
2,000+ FortiClient EMS Instances Exposed Online Amid Active RCE Vulnerability Exploits in the Wild
The Shadowserver Foundation has issued an urgent warning to FortiClient Enterprise Management Server (EMS) administrators after identifying over 2,000 publicly accessible instances globally, two of wh ...