CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
CISA’s adds 4 vulnerabilitis to KEV Catalog
On February 3, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) Catalog with four significant vulnerabilities—each backed by evidence ...
-
Daily CyberSecurity
Rooted via Wi-Fi 7: TP-Link Patches Command Injection in Archer BE230
A new security advisory from TP-Link has disclosed multiple authenticated command injection vulnerabilities affecting its Archer BE230 Wi-Fi 7 router, specifically version 1.2.The vulnerabilities, tra ...
-
Daily CyberSecurity
CVE-2026-24936: Critical ASUSTOR Flaw (CVSS 9.5) Allows Remote System Takeover
A severe vulnerability has been discovered in ASUSTOR ADM (ASUSTOR Data Master), the operating system that powers ASUSTOR’s network-attached storage (NAS) devices. Tracked as CVE-2026-24936, this flaw ...
-
Daily CyberSecurity
Poisoned Comments: Critical Orval Flaw (CVE-2026-25141) Injects Code
A critical vulnerability has been discovered in Orval, a popular developer tool used to generate type-safe TypeScript clients from OpenAPI specifications. The flaw, tracked as CVE-2026-25141, carries ...
-
Daily CyberSecurity
Silent Leak: High-Severity Rancher CLI Flaw Exposes Admin Credentials
For DevOps teams managing Kubernetes clusters at scale, the Rancher CLI is a vital tool. But a new high-severity vulnerability warning from the SUSE Rancher Security team suggests that under specific ...
-
Daily CyberSecurity
AI Hub Hijacked: Polymorphic Android RAT Abuses Hugging Face to Steal Data
In a troubling convergence of trusted developer infrastructure and cybercrime, Bitdefender researchers have uncovered a sophisticated Android Remote Access Trojan (RAT) campaign that is turning the po ...
-
Daily CyberSecurity
CVE-2026-25137: Critical Odoo on NixOS Flaw Exposes Databases
A critical vulnerability has been discovered in Odoo deployments running on NixOS. The vulnerability, tracked as CVE-2026-25137 (CVSS 9.1), leaves the database manager—and by extension, the entire org ...
-
Daily CyberSecurity
Game Over: Interlock Ransomware Weaponizes Anti-Cheat Zero-Day to Kill EDR
FortiGuard Threat Intelligence details related to the ScreenConnect C2 domain associated with the intrusion | Image: FortiGuard Labs A sophisticated ransomware group known as Interlock is turning the ...
-
confiant.com
The Curious Case Of MutantBedrog's Trusted-Types CSP Bypass
MutantBedrog is a malvertiser that caught our attention early summer ’24 for their highly disruptive forced redirect campaigns and the unique JavaScript payload that they use to fingerprint devices an ...
-
confiant.com
Profiling hackers using the Malvertising Attack Matrix by Confiant
A relatively new threat vector, Malvertising is a cyber-attack relying on ad networks and digital ads exposing virtually any internet user surfing the web to the risk of infection.From my experience, ...