CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware
Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices' w ...
-
The Hacker News
BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA
BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthent ...
-
TheCyberThrone
Adobe ColdFusion CVE-2026-48282: Under Active Exploitation
Executive SummaryAdobe has released an emergency security update for CVE-2026-48282, a critical vulnerability affecting Adobe ColdFusion. With a CVSS v3.1 score of 10.0, this vulnerability represents ...
-
The Hacker News
Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations
An Iranian hacking group affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka C ...
-
The Hacker News
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed 'Januscape' and tracked as CVE-202 ...
-
The Hacker News
Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure
Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig. The vulnerability in question is CVE-2026-20896 (CVSS scor ...
-
TheCyberThrone
JadePuffer: The Dawn of Agentic AI Ransomware
When Artificial Intelligence Stops Assisting Attackers and Starts Becoming the AttackerCybersecurity has long anticipated the day when Artificial Intelligence would transition from being a supporting ...
-
security.nl
Kritiek path traversal-lek Adobe ColdFusion actief misbruikt bij aanvallen
Een kritiek path traversal-lek in Adobe ColdFusion, met een maximale impactscore van 10.0, wordt actief misbruikt bij aanvallen en laat aanvallers malafide code op servers uitvoeren. Dat meldt het Can ...
-
The Hacker News
⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and More
A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt. That is the irritating part this week: the risky pieces were ...
-
security.nl
Nederlandse SimpleHelp RMM-servers bevatten actief misbruikt lek
Wereldwijd zijn nog honderden SimpleHelp RMM-servers te vinden die een actief misbruikte kwetsbaarheid bevatten, waaronder achttien in Nederland. Dat laat The Shadowserver Foundation op basis van eige ...