CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Google Cloud
Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088
Introduction The Google Threat Intelligence Group (GTIG) has identified widespread, active exploitation of the critical vulnerability CVE-2025-8088 in WinRAR, a popular file archiver tool for Windows, ...
-
security.nl
'6.000 SmarterMail-servers bevatten actief misbruikte reset-kwetsbaarheid'
Zo'n zesduizend SmarterMail-servers bevatten zeer waarschijnlijk een kritieke kwetsbaarheid waardoor ongeauthenticeerde aanvallers het wachtwoord van de administrator kunnen resetten, zo laat The Shad ...
-
cert.pl
Vulnerabilities in firmware of Pix-Link LV-WR21Q routers
Vulnerabilities in firmware of Pix-Link LV-WR21Q routers CVE ID CVE-2025-12386 Publication date 27 January 2026 Vendor Pix-Link Product LV-WR21Q Vulnerable versions V108_108 Vulnerability type (CWE) M ...
-
The Hacker News
Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas
A critical security flaw has been disclosed in Grist‑Core, an open-source, self-hosted version of the Grist relational spreadsheet-database, that could result in remote code execution. The vulnerabili ...
-
The Register
Office zero-day exploited in the wild forces Microsoft OOB patch
Microsoft has issued an emergency Office patch after confirming a zero-day flaw is already being used in real world attacks. The flaw, tracked as CVE-2026-21509, and slapped with a CVSS score of 7.8, ...
-
VMRay
The Rise of Infostealers: Understanding Evasive Malware Behavior
TL;DR / Fast Answer Infostealers have evolved from simple data thieves into critical gateways for larger attacks like ransomware. A prime example is Agent Tesla, which exploits known Excel vulnerabili ...
-
CybersecurityNews
WD Discovery Desktop App for Windows Vulnerability Enables Arbitrary Code Execution
A serious security vulnerability in Western Digital’s WD Discovery desktop application has been disclosed, potentially allowing attackers to execute arbitrary code on Windows systems. The flaw, tracke ...
-
The Cyber Express
CISA Flags Actively Exploited VMware vCenter RCE Flaw in KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting VMware vCenter Server to its Known Exploited Vulnerabilities (KEV) catalog, confirming tha ...
-
Help Net Security
Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)
Microsoft released emergency Office security updates to fix a security feature bypass vulnerability (CVE-2026-21509) that its threat intelligence and security teams spotted being exploited in the wild ...
-
The Hacker News
China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023
Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple environ ...