CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)
Microsoft released emergency Office security updates to fix a security feature bypass vulnerability (CVE-2026-21509) that its threat intelligence and security teams spotted being exploited in the wild ...
-
The Hacker News
China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023
Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple environ ...
-
CybersecurityNews
Critical Vulnerability in Python PLY Library Enables Remote Code Execution – PoC Published
A critical vulnerability has been identified in the PyPI-distributed version of PLY (Python Lex-Yacc) 3.11, allowing arbitrary code execution through unsafe deserialization of untrusted pickle files. ...
-
CybersecurityNews
Multiple Vulnerabilities in React Server Components Enable DoS Attacks
Multiple critical security vulnerabilities have recently been disclosed in React Server Components, enabling threat actors to launch Denial-of-Service (DoS) attacks against vulnerable servers. The fla ...
-
security.nl
Microsoft rolt noodpatch uit voor actief aangevallen kwetsbaarheid in Office
Microsoft heeft een noodpatch uitgerold voor een actief aangevallen kwetsbaarheid in Office waardoor aanvallers beveiligingsfuncties lokaal kunnen omzeilen, wat in het ergste geval tot het uitvoeren v ...
-
The Hacker News
Microsoft Office Zero-Day (CVE-2026-21509) - Emergency Patch Issued for Active Exploitation
Microsoft on Monday issued out-of-band security patches for a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The vulnerability, tracked as CVE-2026-21509, carries a CVSS s ...
-
seclists.org
Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)
Full Disclosure mailing list archives From: Yuffie Kisaragi via Fulldisclosure <fulldisclosure () seclists org> Date: Tue, 20 Jan 2026 17:13:27 +0000 Dear Art, Thank you for sharing your detailed eval ...
-
seclists.org
Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)
Full Disclosure mailing list archives From: Marco Ermini via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 23 Jan 2026 18:41:47 +0000 Hello everyone, Kindly let me introduce myself. This ...
-
seclists.org
SEC Consult SA-20260126-2 :: UART Leaking Sensitive Data in dormakaba registration unit 9002 (PIN pad)
Full Disclosure mailing list archives SEC Consult SA-20260126-2 :: UART Leaking Sensitive Data in dormakaba registration unit 9002 (PIN pad) From: SEC Consult Vulnerability Lab via Fulldisclosure <ful ...
-
seclists.org
SEC Consult SA-20260126-1 :: Multiple Critical Vulnerabilities in dormakaba Access Manager
Full Disclosure mailing list archives SEC Consult SA-20260126-1 :: Multiple Critical Vulnerabilities in dormakaba Access Manager From: SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure ...