CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
FortiGate firewalls hit by silent SSO intrusions and config theft
FortiGate firewalls are getting quietly reconfigured and stripped down by miscreants who've figured out how to sidestep SSO protections and grab sensitive settings right out of the box. That's accordi ...
-
Huntress
Huntress Catches SmarterMail Account Takeover Leading to RCE
Background / Summary The Huntress DE&TH (Detection Engineering and Threat Hunting) Team has observed in-the-wild exploitation of a privileged account takeover vulnerability (CVE-2026-23760) in Smarter ...
-
The Hacker News
ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories
Most of this week's threats didn't rely on new tricks. They relied on familiar systems behaving exactly as designed, just in the wrong hands. Ordinary files, routine services, and trusted workflows we ...
-
CybersecurityNews
Critical Vivotek Vulnerability Allows Remote Users to Inject Arbitrary Code
A critical remote code injection vulnerability in Vivotek legacy firmware that enables unauthenticated attackers to execute arbitrary commands with root privileges. The vulnerability, tracked as CVE-2 ...
-
cert.pl
TCC Bypass vulnerability in Inkscape application for MacOS
TCC Bypass vulnerability in Inkscape application for MacOS CVE ID CVE-2025-15523 Publication date 22 January 2026 Vendor Inkscape Product Inkscape Vulnerable versions All before 1.4.3 (MacOS only) Vul ...
-
CybersecurityNews
FortiGate Firewalls Hacked in Automated Attacks to Steal Configuration Data
A new cluster of automated malicious activity targeting FortiGate firewall devices. Beginning January 15, 2026, threat actors have been observed executing unauthorized configuration changes, establish ...
-
security.nl
NCSC verwacht misbruik van kritiek lek bij publiek toegankelijke telnet-servers
Het Nationaal Cyber Security Centrum (NCSC) verwacht dat aanvallers op korte termijn misbruik zullen maken van een kritieke kwetsbaarheid om publiek toegankelijke telnet-servers aan te vallen. Het bev ...
-
CybersecurityNews
CISA Warns of Cisco Unified CM 0-Day RCE Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert after confirming active exploitation of a zero-day remote code execution (RCE) vulnerability in multiple Cis ...
-
The Cyber Express
Fortinet Admins Report Active Exploits on “Fixed” FortiOS 7.4.9 Firmware
Network administrators worldwide are scrambling this morning following credible reports that the critical Fortinet Single Sign-On (SSO) vulnerability, tracked as CVE-2025-59718, is being actively expl ...
-
The Register
Ancient telnet bug happily hands out root to attackers
A recently disclosed critical vulnerability in the GNU InetUtils telnet daemon (telnetd) is "trivial" to exploit, experts say. The bug, which had gone unnoticed for nearly 11 years, was disclosed on J ...