CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
Microsoft Defender Under Siege
OverviewThree zero-day exploits targeting Microsoft Defender — BlueHammer, RedSun, and UnDefend — have been confirmed exploited in the wild by threat actors. All three were publicly released on GitHub ...
-
CybersecurityNews
Nexcorium-Associated Mirai Variant Uses TBK DVR Exploit to Scale Botnet Operations
A new iteration of the notorious Mirai botnet, dubbed Nexcorium, has emerged in the wild, aggressively targeting internet-connected video recording devices. According to recent threat research publish ...
-
The Hacker News
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuar ...
-
CybersecurityNews
PoC Exploit Released for FortiSandbox Vulnerability that Allows Attacker to Execute Commands
A proof-of-concept (PoC) exploit has been publicly released for a critical vulnerability in Fortinet’s FortiSandbox product, tracked as CVE-2026-39808. The flaw allows an unauthenticated attacker to e ...
-
Daily CyberSecurity
Critical 9.3 Flaw Lets Outsiders Hijack AVEVA Pipeline Simulations
Industrial software giant AVEVA has issued a critical security advisory for its Pipeline Simulation platform, warning of a severe authorization flaw that could allow outsiders to hijack administrative ...
-
CybersecurityNews
Hackers Target TP-Link Routers With Mirai Malware in CVE-2023-33538 Exploitation Attempts
A known security flaw in several end-of-life TP-Link Wi-Fi routers is being actively targeted by hackers trying to install Mirai-based botnet malware on vulnerable devices. The vulnerability, tracked ...
-
The Register
CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack
CISA is sounding the alarm on a newly-exploited Apache ActiveMQ bug, ordering federal agencies to patch within two weeks as attackers circle a flaw that's been quietly lurking for more than a decade. ...
-
CybersecurityNews
Attackers Weaponize CVE-2026-39987 to Spread Blockchain-Based Backdoor Via Hugging Face
A critical vulnerability in the marimo Python notebook platform is now being actively used by attackers to deploy a blockchain-powered backdoor on developer systems. The flaw, tracked as CVE-2026-3998 ...
-
cert.pl
Vulnerabilities in PAC4J software
Vulnerabilities in PAC4J software CVE ID CVE-2026-40458 Publication date 17 April 2026 Vendor PAC4J Product PAC4J Vulnerable versions From 5.0 to 5.7.10 From 6.0 to 6.4.1 Vulnerability type (CWE) Cros ...
-
0patch.com
Micropatches released for Windows Error Reporting Service Elevation of Privilege Vulnerability (CVE-2026-20817)
January 2026 Windows Updates brought a patch for CVE-2026-20817, a local privilege elevation vulnerability in Windows Error Reporting Service, allowing a local non-admin attacker to execute arbitrary ...