CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
700 websites gehackt via Ghost CMS-lek en voorzien van ClickFix-code
Aanvallers hebben meer dan zevenhonderd websites die draaien op het Ghost contentmanagementsysteem (CMS) via een kritieke kwetsbaarheid gehackt en voorzien van ClickFix-code. De toegevoegde code laat ...
-
The Hacker News
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web she ...
-
CybersecurityNews
New 7-Zip Vulnerabilities Let Attackers Execute Arbitrary Code and Compromise Systems
A critical heap buffer overflow vulnerability has been disclosed in 7-Zip version 26.00, enabling attackers to achieve arbitrary code execution via a vtable hijack by exploiting a defect in the tool’s ...
-
CybersecurityNews
KnowledgeDeliver LMS Zero-Day Exploited to Deploy BLUEBEAM Web Shell
A newly disclosed zero-day vulnerability in the KnowledgeDeliver Learning Management System (LMS) has been actively exploited in the wild to deploy the BLUEBEAM in-memory web shell, according to Mandi ...
-
cert.pl
Vulnerability in Szafir SDK software
Vulnerability in Szafir SDK software CVE ID CVE-2026-9058 Publication date 25 May 2026 Vendor Krajowa Izba Rozliczeniowa Product Szafir SDK Vulnerable versions All before 463 Vulnerability type (CWE) ...
-
The Hacker News
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent th ...
-
Google Cloud
Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability
Written by: Takahiro Sugiyama, Peter Revelant, Mathew Potaczek Introduction In late 2025, Mandiant responded to a security incident involving a compromised web server running KnowledgeDeliver. Knowled ...
-
0patch.com
Micropatches released for Windows Shell Link Processing Spoofing Vulnerability (CVE-2026-25185)
March 2026 Windows Updates brought a patch for CVE-2026-25185, a flaw in Windows Explorer's processing of .LNK files that allowed an attacker to force user's computer to authenticate to a malicious se ...
-
The Hacker News
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity ...
-
cert.pl
Vulnerability in Kenik cameras software
Vulnerability in Kenik cameras software CVE ID CVE-2026-7766 Publication date 25 May 2026 Vendor Kenik Product KG-5230TAS-IL-3, KG-5230TAS-IL-G3, KG-5230DAS-IL-G3, KG-5260TZAS-IL-3, KG-5260DZAS-IL-3, ...