CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2026-25592: Critical Semantic Kernel Flaw (CVSS 10.0) Allows File Overwrite
Microsoft has issued a critical security advisory for developers using its Semantic Kernel .NET SDK, warning of a vulnerability that could allow AI agents to overwrite sensitive files on the host syst ...
-
Daily CyberSecurity
CVE-2026-25544: Critical Payload CMS SQLi (CVSS 9.8) Exposes Admin Tokens
A massive security hole has been blown open in Payload, the popular “Next.js native CMS” designed to live directly inside application folders. The vulnerability, tracked as CVE-2026-25544, carries a c ...
-
The Register
Someone's attacking SolarWinds WHD to steal high‑privilege credentials - but we don't know who or how
Digital intruders exploited buggy SolarWinds Web Help Desk (WHD) instances in December to break into victims' IT environments, move laterally, and steal high-privilege credentials, according to Micros ...
-
The Cyber Express
SmarterTools Breached by Own SmarterMail Vulnerabilities
SmarterTools was breached by hackers exploiting a vulnerability in its own SmarterMail software through an unknown virtual machine set up by an employee that wasn’t being updated. “Prior to the breach ...
-
The Cyber Express
European Commission Hit by Mobile Infrastructure Data Breach
The European Commission’s central infrastructure for managing mobile devices was hit by a cyberattack on January 30, the Commission has revealed. The announcement said the European Commission mobile c ...
-
Hackread - Cybersecurity News, Data Breaches, AI and More
Cyber Attack Hits European Commission Staff Mobile Systems
Swift action by CERT-EU contained the breach within nine hours, linked to critical Ivanti software flaws (CVE-2026-1281 and CVE-2026-1340). The European Commission has confirmed that its central syste ...
-
The Register
More than 135,000 OpenClaw instances exposed to internet in latest vibe-coded disaster
It's a day with a name ending in Y, so you know what that means: Another OpenClaw cybersecurity disaster. This time around, SecurityScorecard's STRIKE threat intelligence team is sounding the alarm ov ...
-
CybersecurityNews
Hackers Exploiting Ivanti EPMM Devices to Deploy Dormant Backdoors
Ivanti EPMM Devices Exploited Hackers are actively exploiting Ivanti Endpoint Manager Mobile (EPMM) appliances to plant “dormant” backdoors that can sit unused for days or weeks. Ivanti recently discl ...
-
security.nl
NCSC: meerdere organisaties via kritiek Ivanti EPMM-lek gehackt
Aanvallers hebben meerdere organisaties via een kritieke kwetsbaarheid in Ivanti EPMM weten te hacken, zo laat het Nationaal Cyber Security Centrum (NCSC) vandaag weten. De Nederlandse overheidsinstan ...
-
Help Net Security
Ransomware group breached SmarterTools via flaw in its SmarterMail deployment
SmarterTools, the company behind the popular Microsoft Exchange alternative SmarterMail, has been breached by a ransomware-wielding group that leveraged a recently fixed vulnerability in that solution ...