CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
Critical SolarWinds Web Help Desk Vulnerabilities
January 30, 2026SolarWinds has released a critical security advisory addressing multiple severe vulnerabilities in its Web Help Desk (WHD) platform that impact versions prior to 2026.1. Among the six ...
-
Help Net Security
Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281)
Ivanti has released provisional patches that fix two critical code injection vulnerabilities in Endpoint Manager Mobile (EPMM), one of which (CVE-2026-1281) has been exploited in zero-day attacks and ...
-
Daily CyberSecurity
Smart Buildings at Risk: Critical Johnson Controls Flaw (CVSS 10) Allows Remote SQL Injection
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a maximum-severity vulnerability affecting Johnson Controls, a global leader in smart building technology. Th ...
-
Daily CyberSecurity
Exploited in the Wild: Critical Ivanti EPMM RCE Flaws (CVSS 9.8) Under Attack
Ivanti has issued an urgent security advisory confirming that attackers are actively exploiting critical vulnerabilities in its Endpoint Manager Mobile (EPMM) solution. The flaws, which allow unauthen ...
-
Daily CyberSecurity
Cluster Admin for All: Critical Kyverno Flaw (CVSS 10) Shatters Isolation
The maintainers of Kyverno, a popular Kubernetes-native policy engine, have released an urgent security update to address a critical vulnerability that shatters the platform’s isolation boundaries. Tr ...
-
Daily CyberSecurity
“SessionReaper” Harvests Roots: Mass Exploitation Campaign Hits Over 200 Magento Sites
A massive wave of cyberattacks has struck the e-commerce world, targeting the widely used Magento platform with a vulnerability so severe it hands attackers the keys to the kingdom. Dubbed “SessionRea ...
-
Daily CyberSecurity
Guest-to-Host Escape: NVIDIA Patches Critical vGPU & Driver Flaws
NVIDIA has released a sweeping security update to address a series of high-severity vulnerabilities affecting its GPU Display Driver and Virtual GPU (vGPU) software. The flaws, if left unpatched, coul ...
-
Daily CyberSecurity
The Great Recalibration: Amazon Cuts 16,000 More Roles in Massive Shift to AI-First Future
The retail and technology titan Amazon has proclaimed a substantial expansion of its retrenchment efforts, signaling a new wave of layoffs poised to affect 16,000 corporate personnel. This maneuver fo ...
-
BleepingComputer
Ivanti warns of two EPMM flaws exploited in zero-day attacks
Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that were exploited in zero-day attacks. The flaws are code-inje ...
-
seclists.org
CVE-2025-12758: Unicode Variation Selectors Bypass in 'validator' library (isLength)
Full Disclosure mailing list archives From: Karol Wrótniak <karol.wrotniak () droidsonroids pl> Date: Wed, 28 Jan 2026 19:24:40 +0100 Summary ======= A vulnerability was discovered in the popular Java ...