CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Microsoft Office Zero-day Vulnerability Actively Exploited in Attacks
Microsoft released emergency out-of-band security updates on January 26, 2026, to address CVE-2026-21509, a zero-day security feature bypass vulnerability in Microsoft Office that attackers are active ...
-
Daily CyberSecurity
High-Severity Flaw in Western Digital Installer Opens Door to Code Execution
Western Digital, a titan in the data storage industry, has rolled out a critical update for its widely used WD Discovery software after security researchers uncovered a dangerous flaw in its installer ...
-
Daily CyberSecurity
Stealth in Script: “PeckBirdy” Framework Powers New Wave of China-Aligned Attacks
A sophisticated new cyberweapon has been spotted in the arsenals of China-aligned Advanced Persistent Threat (APT) groups, marking a significant evolution in how state-sponsored actors evade detection ...
-
TheCyberThrone
CISA KEV Catalog Update – 5 Vulnerabilities Added
January 27, 20261) CVE-2018-14634 – Linux Kernel Integer Overflow (Local Privilege Escalation)Type: Integer overflow in the Linux kernel’s create_elf_tables() function.Impact: A local, unprivileged us ...
-
Daily CyberSecurity
Under Attack: Microsoft Patches Office Zero-Day (CVE-2026-21509) Exploited in the Wild
Microsoft has rolled out an urgent security update to plug a zero-day hole exploited in attacks in its Office suite that allows attackers to sidestep crucial defenses. The vulnerability, tracked as CV ...
-
Daily CyberSecurity
High-Severity DoS Flaw Hits Google Protocol Buffers (CVE-2026-0994)
A high-severity vulnerability has been discovered in Protocol Buffers (protobuf), Google’s widely used mechanism for serializing structured data. The flaw, tracked as CVE-2026-0994, affects Python imp ...
-
Daily CyberSecurity
“Repo Squatting”: How Hackers Are Using GitHub’s Own Features to Hijack Official Repos
In a clever twist on software supply chain attacks, threat actors are weaponizing a quirk in GitHub’s architecture to distribute malware that appears to come from trusted, official sources. A new repo ...
-
Daily CyberSecurity
“G_Wagon” Malware Hides in Fake NPM UI Library to Steal Cloud Keys
It looked like just another UI library. “ansi-universal-ui” promised to be a “lightweight, modular UI component system for modern web applications.” But behind the professional description and version ...
-
The Cyber Express
Microsoft Releases Emergency Fix for Exploited Office Zero-Day
Microsoft has released an emergency fix for an actively-exploited zero-day vulnerability affecting Microsoft Office. The vulnerability, CVE-2026-21509, is labeled a Microsoft Office Security Feature B ...
-
BleepingComputer
Microsoft patches actively exploited Office zero-day vulnerability
Microsoft has released emergency out-of-band security updates to patch a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The security feature bypass vulnerability, tracked ...