CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Stealth in Script: “PeckBirdy” Framework Powers New Wave of China-Aligned Attacks
A sophisticated new cyberweapon has been spotted in the arsenals of China-aligned Advanced Persistent Threat (APT) groups, marking a significant evolution in how state-sponsored actors evade detection ...
-
TheCyberThrone
CISA KEV Catalog Update – 5 Vulnerabilities Added
January 27, 20261) CVE-2018-14634 – Linux Kernel Integer Overflow (Local Privilege Escalation)Type: Integer overflow in the Linux kernel’s create_elf_tables() function.Impact: A local, unprivileged us ...
-
Daily CyberSecurity
Under Attack: Microsoft Patches Office Zero-Day (CVE-2026-21509) Exploited in the Wild
Microsoft has rolled out an urgent security update to plug a zero-day hole exploited in attacks in its Office suite that allows attackers to sidestep crucial defenses. The vulnerability, tracked as CV ...
-
Daily CyberSecurity
High-Severity DoS Flaw Hits Google Protocol Buffers (CVE-2026-0994)
A high-severity vulnerability has been discovered in Protocol Buffers (protobuf), Google’s widely used mechanism for serializing structured data. The flaw, tracked as CVE-2026-0994, affects Python imp ...
-
Daily CyberSecurity
“Repo Squatting”: How Hackers Are Using GitHub’s Own Features to Hijack Official Repos
In a clever twist on software supply chain attacks, threat actors are weaponizing a quirk in GitHub’s architecture to distribute malware that appears to come from trusted, official sources. A new repo ...
-
Daily CyberSecurity
“G_Wagon” Malware Hides in Fake NPM UI Library to Steal Cloud Keys
It looked like just another UI library. “ansi-universal-ui” promised to be a “lightweight, modular UI component system for modern web applications.” But behind the professional description and version ...
-
The Cyber Express
Microsoft Releases Emergency Fix for Exploited Office Zero-Day
Microsoft has released an emergency fix for an actively-exploited zero-day vulnerability affecting Microsoft Office. The vulnerability, CVE-2026-21509, is labeled a Microsoft Office Security Feature B ...
-
BleepingComputer
Microsoft patches actively exploited Office zero-day vulnerability
Microsoft has released emergency out-of-band security updates to patch a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The security feature bypass vulnerability, tracked ...
-
The Hacker News
Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code
Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor ...
-
BleepingComputer
Nearly 800,000 Telnet servers exposed to remote attacks
Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils ...