CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph ...
-
security.nl
'ShinyHunters misbruikte sinds 27 mei zerodaylek in Oracle PeopleSoft'
De criminele groepering ShinyHunters heeft sinds 27 mei misbruik gemaakt van een kritieke kwetsbaarheid in Oracle PeopleSoft waar op het moment van de aanvallen nog geen patch voor beschikbaar was, zo ...
-
TheCyberThrone
Oracle PeopleSoft Zero-Day Exploited by ShinyHunters — 100+ Organizations Breached
CVE-2026-35273 | CVSS 9.8 | Critical | Zero-Day | Active ExploitationOverviewOracle’s PeopleSoft enterprise platform has been the target of a large-scale, coordinated mass-compromise campaign carried ...
-
The Hacker News
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities hard ...
-
The Hacker News
New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit for Microsoft Defender. " ...
-
The Hacker News
The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leverag ...
-
TheCyberThrone
Ivanti June 2026 — Vulnerability Advisory Deep Dive
CVE-2026-10520 | Ivanti Sentry | CVSS 10.0 — OS Command InjectionVulnerability class: CWE-78 — OS Command InjectionAttack vector: Network | No authentication | No user interactionThe flaw resides in t ...
-
Google Cloud
ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit
Introduction Mandiant and Google Threat Intelligence Group (GTIG) have identified an active compromise and extortion campaign attributed to UNC6240 (ShinyHunters) targeting Oracle PeopleSoft applicati ...
-
The Hacker News
ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories
It's been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there's a supply chain attack kit in a public repo, a $5,000-a-mon ...
-
security.nl
Time4Popcorn-lek laat aanvaller malafide updates bij gebruikers installeren
Een kwetsbaarheid in de software Time4Popcorn maakt het mogelijk voor aanvallers om malafide updates bij gebruikers te installeren en zo het systeem met malware te infecteren. De software wordt niet m ...