CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)
Fortinet has begun releasing FortiOS versions that fix CVE-2026-24858, a critical zero-day vulnerability that allowed attackers to log into targeted organizations’ FortiGate firewalls. “This vulnerabi ...
-
Daily CyberSecurity
The AI Throne Reclaimed? Samsung Nears Final NVIDIA “Seal of Approval” for Game-Changing HBM4
Samsung Electronics, which has been laboring to close the yawning chasm in the artificial intelligence memory theater, has finally received promising intelligence. According to reports from Bloomberg ...
-
BleepingComputer
Fortinet blocks exploited FortiCloud SSO zero day until patch is ready
Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks ...
-
BleepingComputer
WinRAR path traversal flaw still exploited by numerous hackers
Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity vulnerability in WinRAR for initial access and to deliver various malicious paylo ...
-
Kaspersky
Fake apps, NFC skimming attacks, and other Android issues in 2026 | Kaspersky official blog
The year 2025 saw a record-breaking number of attacks on Android devices. Scammers are currently riding a few major waves: the hype surrounding AI apps, the urge to bypass site blocks or age checks, t ...
-
BleepingComputer
Critical sandbox escape flaw discovered in popular vm2 NodeJS library
A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system. The open-source ...
-
security.nl
OpenSSL-lek kan remote code execution mogelijk maken
Een kwetsbaarheid in OpenSSL kan in bepaalde gevallen remote code execution mogelijk maken. Er zijn nieuwe versies van de software beschikbaar gesteld waarin het probleem, aangeduid als CVE-2025-15467 ...
-
CybersecurityNews
Attackers Exploiting React2Shell Vulnerability to Attack IT Sectors
Threat actors have started targeting companies in the insurance, e-commerce, and IT sectors through a critical vulnerability tracked as CVE-2025-55182, commonly known as React2Shell. This flaw exists ...
-
BleepingComputer
From Cipher to Fear: The psychology behind modern ransomware extortion
For years, security teams treated ransomware as a technological problem. Security teams hardened backup systems, deployed endpoint detection, practiced incident response playbooks built around data re ...
-
CybersecurityNews
MEDUSA Security Testing Tool With 74 Scanners and 180+ AI Agent Security Rules
MEDUSA, an AI-first Static Application Security Testing (SAST) tool boasting 74 specialized scanners and over 180 AI agent security rules. This open-source CLI scanner targets modern development chall ...