CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
hackread.com
MAESTRO Toolkit Exploiting VMware VM Escape Vulnerabilities
In December 2025, a security team caught a group of hackers just in time. Researchers Anna Pham and Matt Anderson from the firm Huntress recently detailed how these attackers managed to “escape” from ...
-
The Hacker News
China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines
Jan 09, 2026Ravie LakshmananVirtualization / Vulnerability Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy ...
-
The Register
China-linked cybercrims abused VMware ESXi zero-days a year before disclosure
Chinese-linked cybercriminals were sitting on a working VMware ESXi hypervisor escape kit more than a year before the bugs it relied on were made public. That's according to researchers at Huntress, w ...
-
security.nl
Trend Micro waarschuwt voor kritiek lek in beveiligingsplatform Apex Central
Antivirusbedrijf Trend Micro waarschuwt klanten voor een kritieke kwetsbaarheid in beveiligingsplatform Apex Central, waardoor een ongeauthenticeerde aanvaller op afstand code met SYSTEM-rechten kan u ...
-
cert.pl
Vulnerabilities in firmware of Vivotek IP7137 camera
Vulnerabilities in firmware of Vivotek IP7137 camera CVE ID CVE-2025-66049 Publication date 09 January 2026 Vendor Vivotek Product IP7137 Vulnerable versions 0200a Vulnerability type (CWE) Missing Aut ...
-
security.nl
SmarterTools beschuldigd van het stilletjes patchen van zeer kritiek lek
Softwarebedrijf SmarterTools heeft een kritieke kwetsbaarheid in SmarterMail, waardoor een ongeauthenticeerde aanvaller willekeurige code op de mailserver kan uitvoeren, stilletjes gepatcht, zo beweer ...
-
CybersecurityNews
OWASP CRS Vulnerability Allows Attackers to Bypass Charset Validation
A critical vulnerability in the OWASP Core Rule Set (CRS) has been discovered that allows attackers to bypass important security protections designed to prevent charset-based attacks. The vulnerabilit ...
-
cert.pl
Vulnerability in firmware of KAON CG3000T/CG3000TC routers
Vulnerability in firmware of KAON CG3000T/CG3000TC routers CVE ID CVE-2025-7072 Publication date 09 January 2026 Vendor KAON Product CG3000T and CG3000TC Vulnerable versions CG3000T: before 1.00.27 C ...
-
CybersecurityNews
Trend Micro Apex Central Vulnerabilities Enables Remote Code Execution Attacks
Critical security patches to address three severe vulnerabilities affecting Apex Central (on-premise) that could allow remote attackers to execute malicious code or launch denial-of-service attacks on ...
-
BleepingComputer
Trend Micro warns of critical Apex Central RCE vulnerability
Japanese cybersecurity software firm Trend Micro has patched a critical security flaw in Apex Central (on-premise) that could allow attackers to execute arbitrary code with SYSTEM privileges. Apex Cen ...