CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, could result in arbitrary command execution. The vulnerabilities ...
-
Daily CyberSecurity
Critical—9 Vulnerabilities in Orthanc DICOM Servers Threaten Medical Data Integrity
A series of critical security flaws has been uncovered in Orthanc, the popular open-source “lightweight Digital Imaging and Communications in Medicine (DICOM) server used to store, process, and retrie ...
-
The Hacker News
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-saf ...
-
Daily CyberSecurity
Juju’s CVSS 10 Flaw Hands Over Master Cloud Credentials
Juju, the popular open-source application orchestration engine, is facing a critical security emergency. A newly discovered vulnerability, carrying the maximum possible severity rating of CVSS 10, all ...
-
Daily CyberSecurity
CVE-2026-4810: Critical 9.3 RCE Flaw Hits Google’s AI Agent Development Kit
A recently disclosed vulnerability in Google’s Agent Development Kit (ADK) serves as a stark reminder that even the most modular frameworks are not immune to classic security pitfalls. Security resear ...
-
security.nl
SAP dicht kritiek SQL Injection-lek in Business Planning en Business Warehouse
SAP heeft een kritieke kwetsbaarheid in Business Planning en Business Warehouse gedicht waardoor een ongeautoriseerde aanvaller op afstand willekeurige SQL-commando's op de database kan uitvoeren. De ...
-
CybersecurityNews
CISA Warns of Fortinet SQL Injection Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Fortinet products. On April 13, 2026, the agency added a severe SQL injec ...
-
Daily CyberSecurity
CVE-2026-4631: Critical 9.8 RCE Flaw in Cockpit Allows Unauthenticated Server Takeover
In the world of Linux server management, ease of use and security are intended to go hand-in-hand. However, a critical vulnerability discovered in Cockpit, the lightweight and popular interactive serv ...
-
cert.pl
Vulnerability in MCPHub software
Vulnerability in MCPHub software CVE ID CVE-2025-13822 Publication date 14 April 2026 Vendor MCPHub Product MCPHub Vulnerable versions All before 0.11.0 Vulnerability type (CWE) Authorization Bypass T ...
-
Daily CyberSecurity
Supply Chain Sabotage: The Critical RCE Flaws Lurking in PHP Composer
In the PHP ecosystem, Composer is the undisputed heavy hitter for dependency management, responsible for orchestrating the libraries that power millions of applications. However, security researchers ...