CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Trust Broken: Critical Keylime Flaw (CVSS 9.4) Disables mTLS Authentication
A critical-severity vulnerability has been discovered in Keylime, the open-source tool used by cloud tenants to verify the integrity of their remote systems. Tracked as CVE-2026-1709, the flaw carries ...
-
Daily CyberSecurity
Silent Killer: Black Basta Bundles “BYOVD” Driver to Blind Antivirus
The notorious Black Basta ransomware group has upgraded its arsenal with a dangerous new capability, embedding defense evasion tools directly inside its ransomware payload. A new report by The Threat ...
-
Daily CyberSecurity
CVE-2026-25592: Critical Semantic Kernel Flaw (CVSS 10.0) Allows File Overwrite
Microsoft has issued a critical security advisory for developers using its Semantic Kernel .NET SDK, warning of a vulnerability that could allow AI agents to overwrite sensitive files on the host syst ...
-
Daily CyberSecurity
CVE-2026-25544: Critical Payload CMS SQLi (CVSS 9.8) Exposes Admin Tokens
A massive security hole has been blown open in Payload, the popular “Next.js native CMS” designed to live directly inside application folders. The vulnerability, tracked as CVE-2026-25544, carries a c ...
-
The Register
Someone's attacking SolarWinds WHD to steal high‑privilege credentials - but we don't know who or how
Digital intruders exploited buggy SolarWinds Web Help Desk (WHD) instances in December to break into victims' IT environments, move laterally, and steal high-privilege credentials, according to Micros ...
-
The Cyber Express
SmarterTools Breached by Own SmarterMail Vulnerabilities
SmarterTools was breached by hackers exploiting a vulnerability in its own SmarterMail software through an unknown virtual machine set up by an employee that wasn’t being updated. “Prior to the breach ...
-
The Cyber Express
European Commission Hit by Mobile Infrastructure Data Breach
The European Commission’s central infrastructure for managing mobile devices was hit by a cyberattack on January 30, the Commission has revealed. The announcement said the European Commission mobile c ...
-
Hackread - Cybersecurity News, Data Breaches, AI and More
Cyber Attack Hits European Commission Staff Mobile Systems
Swift action by CERT-EU contained the breach within nine hours, linked to critical Ivanti software flaws (CVE-2026-1281 and CVE-2026-1340). The European Commission has confirmed that its central syste ...
-
The Register
More than 135,000 OpenClaw instances exposed to internet in latest vibe-coded disaster
It's a day with a name ending in Y, so you know what that means: Another OpenClaw cybersecurity disaster. This time around, SecurityScorecard's STRIKE threat intelligence team is sounding the alarm ov ...
-
CybersecurityNews
Hackers Exploiting Ivanti EPMM Devices to Deploy Dormant Backdoors
Ivanti EPMM Devices Exploited Hackers are actively exploiting Ivanti Endpoint Manager Mobile (EPMM) appliances to plant “dormant” backdoors that can sit unused for days or weeks. Ivanti recently discl ...