CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia
Exclusive A novel China-linked threat group infiltrated more than a dozen critical networks in Poland, Asian countries, and possibly beyond, beginning in December 2024 and with activity uncovered as r ...
-
cert.pl
Vulnerability in LEX Baza Dokumentów software
Vulnerability in LEX Baza Dokumentów software CVE ID CVE-2026-1493 Publication date 30 April 2026 Vendor Wolters Kluwer Polska Product LEX Baza Dokumentów Vulnerable versions All before 1.3.4 Vulnerab ...
-
The Register
Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day
Emergency patches are available for a critical vulnerability in cPanel and WHM that allows attackers to bypass authentication and gain root access to servers managed using it. Given that cPanel and We ...
-
The Hacker News
New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The high-severity vulnerability tracked as ...
-
Daily CyberSecurity
NVIDIA Patches High-Severity “Prompt Injection” Flaw in NemoClaw
NVIDIA has released a critical software update for NVIDIA NemoClaw, addressing a high-severity vulnerability that could allow remote attackers to bypass security controls and exfiltrate sensitive host ...
-
security.nl
Kritiek beveiligingslek in cPanel en WHM actief misbruikt bij aanvallen
Een kritiek beveiligingslek in cPanel en WHM waardoor ongeauthenticeerde aanvallers admin-toegang tot systemen kunnen krijgen wordt actief misbruikt bij aanvallen. Beveiligingsupdates zijn sinds 28 ap ...
-
CybersecurityNews
Qinglong Task Scheduler RCE Vulnerabilities Exploited in the Wild
In early 2026, two critical authentication bypass vulnerabilities in the popular open-source Qinglong task scheduler were actively exploited by hackers. According to Snyk security reports, unauthentic ...
-
CybersecurityNews
CISA Warns of ConnectWise ScreenConnect Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a severe vulnerability in ConnectWise ScreenConnect. On April 28, 2026, CISA officially added th ...
-
CybersecurityNews
ProFTPD’s SQL Injection Vulnerability Enables Remote Code Execution Attacks
A critical SQL injection vulnerability in ProFTPD, one of the Internet’s most widely deployed FTP servers. Tracked as CVE-2026-42167, this flaw carries a CVSS severity score of 8.1 and affects the mod ...
-
The Hacker News
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Google has addressed a maximum severity security flaw in Gemini CLI -- the "@google/gemini-cli" npm package and the "google-github-actions/run-gemini-cli" GitHub Actions workflow -- that could have al ...