CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw
Palo Alto Networks has revealed that it has observed "active exploitation" of a recently disclosed PAN-OS vulnerability by an unknown threat actor to obtain unauthorized access to GlobalProtect portal ...
-
TheCyberThrone
CVE-2026-20253 — Splunk Enterprise Unauthenticated RCE
Severity: CriticalCVSS v3.1 Score: 9.8CWE: CWE-306 — Missing Authentication for Critical FunctionVendor Advisory: SVD-2026-0603What Is VulnerableCVE-2026-20253 affects Splunk Enterprise versions below ...
-
The Hacker News
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution. The vul ...
-
Ars Technica
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
“While several organizations successfully blocked the activity or remediated the vulnerabilities, others experienced compromise, resulting in stolen data being published on the ShinyHunters DLS,” Mand ...
-
The Hacker News
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Ve ...
-
The Hacker News
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph ...
-
security.nl
'ShinyHunters misbruikte sinds 27 mei zerodaylek in Oracle PeopleSoft'
De criminele groepering ShinyHunters heeft sinds 27 mei misbruik gemaakt van een kritieke kwetsbaarheid in Oracle PeopleSoft waar op het moment van de aanvallen nog geen patch voor beschikbaar was, zo ...
-
TheCyberThrone
Oracle PeopleSoft Zero-Day Exploited by ShinyHunters — 100+ Organizations Breached
CVE-2026-35273 | CVSS 9.8 | Critical | Zero-Day | Active ExploitationOverviewOracle’s PeopleSoft enterprise platform has been the target of a large-scale, coordinated mass-compromise campaign carried ...
-
The Hacker News
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities hard ...
-
The Hacker News
New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit for Microsoft Defender. " ...