CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Proofpoint
One Email Closer to the Edge: UNK_MassTraction & the Physics of Exploitation
July 07, 2026 Greg Lesnewich, Mark Kelly, and the Proofpoint Threat Research Team Analyst note: Proofpoint uses the UNK_ designator to define clusters of activity that are still developing and have no ...
-
security.nl
Nieuw Linux-lek laat aanvaller uit guest VM ontsnappen en host overnemen
Een nieuwe kwetsbaarheid in de Linux-kernel maakt het mogelijk voor aanvallers in een guest virtual machine (VM) om code op de onderliggende host uit te voeren en die zo over te nemen. Er zijn imiddel ...
-
The Hacker News
Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of ...
-
security.nl
Ubiquiti waarschuwt voor UniFi-lekken waardoor apparaten zijn over te nemen
Netwerkfabrikant Ubiquiti waarschuwt voor meerdere kritieke UniFi-lekken waardoor apparaten door aanvallers op afstand over zijn te nemen. In totaal is Ubiquiti met updates voor 25 verschillende kwets ...
-
The Hacker News
CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware
Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices' w ...
-
The Hacker News
BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA
BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthent ...
-
TheCyberThrone
Adobe ColdFusion CVE-2026-48282: Under Active Exploitation
Executive SummaryAdobe has released an emergency security update for CVE-2026-48282, a critical vulnerability affecting Adobe ColdFusion. With a CVSS v3.1 score of 10.0, this vulnerability represents ...
-
The Hacker News
Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations
An Iranian hacking group affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka C ...
-
The Hacker News
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed 'Januscape' and tracked as CVE-202 ...
-
The Hacker News
Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure
Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig. The vulnerability in question is CVE-2026-20896 (CVSS scor ...