CVEFeed Newsroom – Latest Cybersecurity Updates

The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.

  • Daily CyberSecurity
High-Severity DoS Flaw Hits Google Protocol Buffers (CVE-2026-0994)

A high-severity vulnerability has been discovered in Protocol Buffers (protobuf), Google’s widely used mechanism for serializing structured data. The flaw, tracked as CVE-2026-0994, affects Python imp ...

Published Date: Jan 27, 2026 (3 days, 11 hours ago)
  • Daily CyberSecurity
“Repo Squatting”: How Hackers Are Using GitHub’s Own Features to Hijack Official Repos

In a clever twist on software supply chain attacks, threat actors are weaponizing a quirk in GitHub’s architecture to distribute malware that appears to come from trusted, official sources. A new repo ...

Published Date: Jan 27, 2026 (3 days, 11 hours ago)
  • Daily CyberSecurity
“G_Wagon” Malware Hides in Fake NPM UI Library to Steal Cloud Keys

It looked like just another UI library. “ansi-universal-ui” promised to be a “lightweight, modular UI component system for modern web applications.” But behind the professional description and version ...

Published Date: Jan 27, 2026 (3 days, 11 hours ago)
  • The Cyber Express
Microsoft Releases Emergency Fix for Exploited Office Zero-Day

Microsoft has released an emergency fix for an actively-exploited zero-day vulnerability affecting Microsoft Office. The vulnerability, CVE-2026-21509, is labeled a Microsoft Office Security Feature B ...

Published Date: Jan 26, 2026 (3 days, 15 hours ago)
  • BleepingComputer
Microsoft patches actively exploited Office zero-day vulnerability

Microsoft has released emergency out-of-band security updates to patch a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The security feature bypass vulnerability, tracked ...

Published Date: Jan 26, 2026 (3 days, 17 hours ago)
  • The Hacker News
Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor ...

Published Date: Jan 26, 2026 (3 days, 20 hours ago)
  • BleepingComputer
Nearly 800,000 Telnet servers exposed to remote attacks

Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils ...

Published Date: Jan 26, 2026 (3 days, 20 hours ago)
  • CybersecurityNews
800K+ GNU InetUtils telnetd Instances Exposed to RCE Attacks – PoC Released

A critical authentication bypass vulnerability in the telnetd component of GNU Inetutils has exposed approximately 800,000 internet-accessible Telnet instances to unauthenticated remote code execution ...

Published Date: Jan 26, 2026 (3 days, 20 hours ago)
  • BleepingComputer
Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

The defense mechanisms that NPM introduced after the 'Shai-Hulud' supply-chain attacks have weaknesses that allow threat actors to bypass them via Git dependencies. Collectively called PackageGate, th ...

Published Date: Jan 26, 2026 (3 days, 21 hours ago)
  • security.nl
Broadcom meldt misbruik van kritieke kwetsbaarheid in VMware vCenter

Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in VMware vCenter-servers waarvoor op 18 juni 2024 beveiligingsupdates verschenen, zo melden Broadcom en het Amerikaanse cyberagentschap ...

Published Date: Jan 26, 2026 (3 days, 23 hours ago)

Filters

Filter news that are affecting your technology stack
Showing 10 of 9496 Results