CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
SmarterTools SmarterMail Vulnerability Enables Remote Code Execution Attack – PoC Released
A critical pre-authentication remote code execution vulnerability, identified as CVE-2025-52691, has been discovered in SmarterTools’ SmarterMail solution. The flaw received a maximum CVSS score of 10 ...
-
CybersecurityNews
Hackers Actively Exploiting AI Deployments – 91,000+ Attack Sessions Observed
Security researchers have identified over 91,000 attack sessions targeting AI infrastructure between October 2025 and January 2026, exposing systematic campaigns against large language model deploymen ...
-
BleepingComputer
CISA retires 10 emergency cyber orders in rare bulk closure
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has retired 10 Emergency Directives issued between 2019 and 2024, saying that the required actions have been completed or are now cover ...
-
Daily CyberSecurity
Public Exploit Released: Critical Trend Micro Flaw Grants SYSTEM Access
Trend Micro has issued a critical security alert for users of Apex Central (on-premise), patching a dangerous remote code execution (RCE) vulnerability that could allow attackers to hijack systems wit ...
-
Daily CyberSecurity
Bluetooth Broken? Apache NimBLE Flaws Enable Spoofing & Eavesdropping
The Apache Software Foundation has issued urgent patches for Apache NimBLE, the open-source Bluetooth 5.4 stack used to replace proprietary drivers on Nordic chipsets. A cluster of four security vulne ...
-
Daily CyberSecurity
Guloader Malware Rides Wave of Fake Performance Reports
Cybercriminals are weaponizing workplace anxiety in a new sophisticated phishing campaign. The AhnLab Security Intelligence Center (ASEC) has issued a warning regarding a malicious operation that leve ...
-
Daily CyberSecurity
The 9.6 Crack in Java’s Foundation: Critical Undertow Flaw CVE-2025-12543
A foundational crack has been discovered in the bedrock of the Java web ecosystem. Undertow, the high-performance web server that powers enterprise heavyweights like WildFly and JBoss EAP, has been hi ...
-
Daily CyberSecurity
Wide Open Firewall: Critical Foomuuri Flaws Let Local Users Take Control
The SUSE Security Team has released a detailed report exposing multiple vulnerabilities in Foomuuri, a popular nftables-based firewall manager for Linux, that left the firewall’s management interface ...
-
BleepingComputer
VMware ESXi zero-days likely exploited a year before disclosure
Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted vulnerabilitie ...
-
seclists.org
KL-001-2026-01: yintibao Fun Print Mobile Unauthorized Access via Context Hijacking
Full Disclosure mailing list archives From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Thu, 8 Jan 2026 15:03:37 -0600 KL-001-2026-01: yintibao Fun Print Mobile Una ...