CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
PoC Exploit Released for FortiSandbox Vulnerability that Allows Attacker to Execute Commands
A proof-of-concept (PoC) exploit has been publicly released for a critical vulnerability in Fortinet’s FortiSandbox product, tracked as CVE-2026-39808. The flaw allows an unauthenticated attacker to e ...
-
Daily CyberSecurity
Critical 9.3 Flaw Lets Outsiders Hijack AVEVA Pipeline Simulations
Industrial software giant AVEVA has issued a critical security advisory for its Pipeline Simulation platform, warning of a severe authorization flaw that could allow outsiders to hijack administrative ...
-
CybersecurityNews
Hackers Target TP-Link Routers With Mirai Malware in CVE-2023-33538 Exploitation Attempts
A known security flaw in several end-of-life TP-Link Wi-Fi routers is being actively targeted by hackers trying to install Mirai-based botnet malware on vulnerable devices. The vulnerability, tracked ...
-
The Register
CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack
CISA is sounding the alarm on a newly-exploited Apache ActiveMQ bug, ordering federal agencies to patch within two weeks as attackers circle a flaw that's been quietly lurking for more than a decade. ...
-
CybersecurityNews
Attackers Weaponize CVE-2026-39987 to Spread Blockchain-Based Backdoor Via Hugging Face
A critical vulnerability in the marimo Python notebook platform is now being actively used by attackers to deploy a blockchain-powered backdoor on developer systems. The flaw, tracked as CVE-2026-3998 ...
-
cert.pl
Vulnerabilities in PAC4J software
Vulnerabilities in PAC4J software CVE ID CVE-2026-40458 Publication date 17 April 2026 Vendor PAC4J Product PAC4J Vulnerable versions From 5.0 to 5.7.10 From 6.0 to 6.4.1 Vulnerability type (CWE) Cros ...
-
0patch.com
Micropatches released for Windows Error Reporting Service Elevation of Privilege Vulnerability (CVE-2026-20817)
January 2026 Windows Updates brought a patch for CVE-2026-20817, a local privilege elevation vulnerability in Windows Error Reporting Service, allowing a local non-admin attacker to execute arbitrary ...
-
Daily CyberSecurity
Critical 9.1 SSTI Flaws Unmasked in Thymeleaf Template Engine
Thymeleaf, a widely-used modern server-side Java template engine for both web and standalone environments, has released a critical security update. The update addresses two high-severity vulnerabiliti ...
-
The Hacker News
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploi ...
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 16
The Good | U.S. Authorities Seize W3LL Phishing Ring & Jail DPRK IT Worker Scheme Facilitators The FBI has dismantled the “W3LL” phishing platform, seized its infrastructure, and arrested its alleged ...