CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
CISA Warns of RESURGE Malware Exploiting 0-Days to Breach Ivanti Connect Secure Devices
A newly discovered malware variant named RESURGE is actively targeting Ivanti Connect Secure devices by exploiting a critical zero-day vulnerability, prompting the U.S. Cybersecurity and Infrastructur ...
-
The Hacker News
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai. The vulnerabili ...
-
The Cyber Express
CISA Warns RESURGE Malware Can Remain Dormant on Ivanti Connect Secure Devices
The latest update on RESURGE malware from Cybersecurity and Infrastructure Security Agency (CISA) signals a concerning reality for network defenders: stealth-focused malware is becoming harder to dete ...
-
CybersecurityNews
Angular SSR Request Vulnerability Allows Attackers to Trick Applications into Sending Unauthorized Requests
Angular SSR Request Vulnerability A critical vulnerability has been discovered in Angular Server-Side Rendering (SSR) that could allow attackers to trick applications into sending unauthorized request ...
-
The Cyber Express
Ring Camera Doorbell Ad Triggers Privacy Concerns and Public Criticism in America
A Super Bowl commercial for Ring camera doorbells ignited a wave of criticism across the United States, intensifying an already heated national conversation about surveillance and privacy. The adverti ...
-
Daily CyberSecurity
Critical Backup Flaws Expose Vitess Environments to Complete Takeover
Vitess is a cloud-native horizontally-scalable distributed database system that is built around MySQL. It allows organizations to achieve unlimited scaling through generalized sharding, and operators ...
-
Daily CyberSecurity
Critical 9.8 Flaw in Langflow’s AI CSV Agent Opens a Direct Path to Root Shell
Artificial intelligence is making it easier than ever to build complex applications, but a newly discovered vulnerability shows that these same tools can inadvertently leave the front door wide open f ...
-
Daily CyberSecurity
Critical Flaws in Vikunja Expose Users to Persistent Account Takeovers
Vikunja is a popular open-source, self-hostable to-do application designed to help users organize their tasks using list, Kanban, Gantt, and table views while keeping their data entirely under their o ...
-
Daily CyberSecurity
CVE-2026-27728 (CVSS 10): Critical Command Injection Flaw in OneUptime Probe Enables Full Server Takeover
If your organization relies on OneUptime to keep a watchful eye on website availability, APIs, and online dashboards, a newly disclosed vulnerability requires your immediate attention. Tracked as CVE- ...
-
Daily CyberSecurity
Critical Path Traversal Flaw in basic-ftp Exposes Node.js Apps to Arbitrary File Writes
With over 18 million downloads, basic-ftp is a cornerstone utility for Node.js developers, offering a robust, Promise-based API for handling FTP, FTPS over TLS, and bulk directory operations. However, ...