CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Cyber Express
Cyble Research Discovers ShadowHS, an In-Memory Linux Framework for Long-Term Access
Cyble Research & Intelligence Labs (CRIL) has uncovered a post-exploitation Linux framework called ShadowHS, designed for stealthy, in-memory operations. Unlike traditional malware, ShadowHS leverages ...
-
The Hacker News
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score
SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution. The vulnerability, tracked as CVE- ...
-
CybersecurityNews
3,280,081 Fortinet Devices Online With Exposed Web Properties Under Risk
Over 3,280,081 Fortinet Devices Were exposed, with web properties running vulnerable Fortinet devices affected by CVE-2026-24858, a severe authentication-bypass flaw actively exploited in the wild. Th ...
-
The Hacker News
Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released
Ivanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager Mobile (EPMM) that have been exploited in zero-day attacks, one of which has been added by the U. ...
-
TheCyberThrone
Critical SolarWinds Web Help Desk Vulnerabilities
January 30, 2026SolarWinds has released a critical security advisory addressing multiple severe vulnerabilities in its Web Help Desk (WHD) platform that impact versions prior to 2026.1. Among the six ...
-
Help Net Security
Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281)
Ivanti has released provisional patches that fix two critical code injection vulnerabilities in Endpoint Manager Mobile (EPMM), one of which (CVE-2026-1281) has been exploited in zero-day attacks and ...
-
Daily CyberSecurity
Smart Buildings at Risk: Critical Johnson Controls Flaw (CVSS 10) Allows Remote SQL Injection
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a maximum-severity vulnerability affecting Johnson Controls, a global leader in smart building technology. Th ...
-
Daily CyberSecurity
Exploited in the Wild: Critical Ivanti EPMM RCE Flaws (CVSS 9.8) Under Attack
Ivanti has issued an urgent security advisory confirming that attackers are actively exploiting critical vulnerabilities in its Endpoint Manager Mobile (EPMM) solution. The flaws, which allow unauthen ...
-
Daily CyberSecurity
Cluster Admin for All: Critical Kyverno Flaw (CVSS 10) Shatters Isolation
The maintainers of Kyverno, a popular Kubernetes-native policy engine, have released an urgent security update to address a critical vulnerability that shatters the platform’s isolation boundaries. Tr ...
-
Daily CyberSecurity
“SessionReaper” Harvests Roots: Mass Exploitation Campaign Hits Over 200 Magento Sites
A massive wave of cyberattacks has struck the e-commerce world, targeting the widely used Magento platform with a vulnerability so severe it hands attackers the keys to the kingdom. Dubbed “SessionRea ...