CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
CISA Adds Seven Vulnerabilities to KEV Catalog — April 13, 2026
CISA has expanded the Known Exploited Vulnerabilities catalog with seven new entries on April 13, 2026, based on evidence of active exploitation. The batch spans three vendors — Microsoft, Adobe, and ...
-
Daily CyberSecurity
VPN Security Alert: Synology Patches Flaws in SSL VPN Client
Synology has released an essential security update for its SSL VPN Client utility, addressing two “Important” severity vulnerabilities that could lead to sensitive data exposure and unauthorized traff ...
-
Daily CyberSecurity
Industrial Key Leak: Critical 9.3 CVSS Flaws Expose Mitsubishi’s GENESIS64 and ICONICS Suite
A new advisory from Mitsubishi Electric Corporation, released on April 7, 2026, has disclosed that multiple information disclosure, tampering, and Denial-of-Service (DoS) vulnerabilities exist in GENE ...
-
Daily CyberSecurity
Critical SSRF Flaw Discovered in Axios – CVE-2025-62718 (CVSS 9.3)
In the complex architecture of modern web applications, the difference between a secure internal request and a data leak can sometimes come down to a single character. Security researchers have uncove ...
-
The Register
Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum
Crooks are exploiting four Microsoft vulnerabilities - one patched 14 years ago and another tied to ransomware activity - according to America's lead cyber-defense agency, which on Monday gave federal ...
-
CybersecurityNews
Marimo RCE Vulnerability Exploited in the Within 10 Hours of Disclosure
A critical vulnerability was disclosed in Marimo, an open-source reactive Python notebook platform. Less than 10 hours later, attackers successfully weaponized the flaw to steal sensitive cloud creden ...
-
CybersecurityNews
Critical Axios Vulnerability Allows Remote Code Execution – PoC Released
The cybersecurity community is on high alert after the disclosure of a critical security flaw in Axios, a widely used promise-based HTTP client for Node.js and browsers. Security researcher Jason Saay ...
-
CybersecurityNews
Apache Tomcat Vulnerabilities Enables Bypass of EncryptInterceptor
The Apache Software Foundation has released emergency security updates to address multiple vulnerabilities in Apache Tomcat. The latest advisories highlight a critical patching error that inadvertentl ...
-
Daily CyberSecurity
Log4j’s “Silent” Security Gap: New Advisories Warn of Data Loss and TLS Bypasses
The Apache Log4j 2 ecosystem is facing a fresh wave of security concerns as four new vulnerabilities have been disclosed, highlighting critical flaws in how the library handles data sanitization and i ...
-
CybersecurityNews
Iran-Linked CyberAv3ngers Sets Sights on Water Utilities and Industrial Controllers
An Iran-backed cyber threat group called CyberAv3ngers has grown from a noise-making hacktivist outfit into a serious threat targeting critical infrastructure across the United States. The group, form ...