CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
PuTTY 0.84 Released With Fix for SSH KEX Crashes and Telnet Prompt Spoofing Flaw
PuTTY 0.84 has been released with fixes for multiple minor security flaws, including issues that could trigger SSH key exchange crashes and a Telnet prompt spoofing weakness. While these vulnerabiliti ...
-
security.nl
700 websites gehackt via Ghost CMS-lek en voorzien van ClickFix-code
Aanvallers hebben meer dan zevenhonderd websites die draaien op het Ghost contentmanagementsysteem (CMS) via een kritieke kwetsbaarheid gehackt en voorzien van ClickFix-code. De toegevoegde code laat ...
-
The Hacker News
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web she ...
-
CybersecurityNews
New 7-Zip Vulnerabilities Let Attackers Execute Arbitrary Code and Compromise Systems
A critical heap buffer overflow vulnerability has been disclosed in 7-Zip version 26.00, enabling attackers to achieve arbitrary code execution via a vtable hijack by exploiting a defect in the tool’s ...
-
CybersecurityNews
KnowledgeDeliver LMS Zero-Day Exploited to Deploy BLUEBEAM Web Shell
A newly disclosed zero-day vulnerability in the KnowledgeDeliver Learning Management System (LMS) has been actively exploited in the wild to deploy the BLUEBEAM in-memory web shell, according to Mandi ...
-
cert.pl
Vulnerability in Szafir SDK software
Vulnerability in Szafir SDK software CVE ID CVE-2026-9058 Publication date 25 May 2026 Vendor Krajowa Izba Rozliczeniowa Product Szafir SDK Vulnerable versions All before 463 Vulnerability type (CWE) ...
-
The Hacker News
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent th ...
-
Google Cloud
Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability
Written by: Takahiro Sugiyama, Peter Revelant, Mathew Potaczek Introduction In late 2025, Mandiant responded to a security incident involving a compromised web server running KnowledgeDeliver. Knowled ...
-
0patch.com
Micropatches released for Windows Shell Link Processing Spoofing Vulnerability (CVE-2026-25185)
March 2026 Windows Updates brought a patch for CVE-2026-25185, a flaw in Windows Explorer's processing of .LNK files that allowed an attacker to force user's computer to authenticate to a malicious se ...
-
The Hacker News
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity ...