CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is ...
-
The Hacker News
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitatio ...
-
TheCyberThrone
CISA Adds Seven Vulnerabilities to KEV Catalog — April 13, 2026
CISA has expanded the Known Exploited Vulnerabilities catalog with seven new entries on April 13, 2026, based on evidence of active exploitation. The batch spans three vendors — Microsoft, Adobe, and ...
-
Daily CyberSecurity
VPN Security Alert: Synology Patches Flaws in SSL VPN Client
Synology has released an essential security update for its SSL VPN Client utility, addressing two “Important” severity vulnerabilities that could lead to sensitive data exposure and unauthorized traff ...
-
Daily CyberSecurity
Industrial Key Leak: Critical 9.3 CVSS Flaws Expose Mitsubishi’s GENESIS64 and ICONICS Suite
A new advisory from Mitsubishi Electric Corporation, released on April 7, 2026, has disclosed that multiple information disclosure, tampering, and Denial-of-Service (DoS) vulnerabilities exist in GENE ...
-
Daily CyberSecurity
Critical SSRF Flaw Discovered in Axios – CVE-2025-62718 (CVSS 9.3)
In the complex architecture of modern web applications, the difference between a secure internal request and a data leak can sometimes come down to a single character. Security researchers have uncove ...
-
The Register
Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum
Crooks are exploiting four Microsoft vulnerabilities - one patched 14 years ago and another tied to ransomware activity - according to America's lead cyber-defense agency, which on Monday gave federal ...
-
CybersecurityNews
Marimo RCE Vulnerability Exploited in the Within 10 Hours of Disclosure
A critical vulnerability was disclosed in Marimo, an open-source reactive Python notebook platform. Less than 10 hours later, attackers successfully weaponized the flaw to steal sensitive cloud creden ...
-
CybersecurityNews
Critical Axios Vulnerability Allows Remote Code Execution – PoC Released
The cybersecurity community is on high alert after the disclosure of a critical security flaw in Axios, a widely used promise-based HTTP client for Node.js and browsers. Security researcher Jason Saay ...
-
CybersecurityNews
Apache Tomcat Vulnerabilities Enables Bypass of EncryptInterceptor
The Apache Software Foundation has released emergency security updates to address multiple vulnerabilities in Apache Tomcat. The latest advisories highlight a critical patching error that inadvertentl ...