CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
OWASP CRS Vulnerability Allows Attackers to Bypass Charset Validation
A critical vulnerability in the OWASP Core Rule Set (CRS) has been discovered that allows attackers to bypass important security protections designed to prevent charset-based attacks. The vulnerabilit ...
-
cert.pl
Vulnerability in firmware of KAON CG3000T/CG3000TC routers
Vulnerability in firmware of KAON CG3000T/CG3000TC routers CVE ID CVE-2025-7072 Publication date 09 January 2026 Vendor KAON Product CG3000T and CG3000TC Vulnerable versions CG3000T: before 1.00.27 C ...
-
CybersecurityNews
Trend Micro Apex Central Vulnerabilities Enables Remote Code Execution Attacks
Critical security patches to address three severe vulnerabilities affecting Apex Central (on-premise) that could allow remote attackers to execute malicious code or launch denial-of-service attacks on ...
-
BleepingComputer
Trend Micro warns of critical Apex Central RCE vulnerability
Japanese cybersecurity software firm Trend Micro has patched a critical security flaw in Apex Central (on-premise) that could allow attackers to execute arbitrary code with SYSTEM privileges. Apex Cen ...
-
CybersecurityNews
Undertow HTTP Server Used in Java Apps Vulnerability Allow Attackers to Hijack Sessions
A critical security flaw has been discovered in the Undertow HTTP server core, a widely used component in Java applications such as WildFly and JBoss EAP. The vulnerability, tracked as CVE-2025-12543, ...
-
The Hacker News
Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions
Jan 09, 2026Ravie LakshmananVulnerability / Endpoint Security Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for ...
-
security.nl
VMware ESXi-lekken mogelijk een jaar voor het uitkomen van updates misbruikt
Drie kwetsbaarheden in VMware ESXi zijn mogelijk een jaar voordat beveiligingsupdates beschikbaar kwamen om ze te verhelpen, misbruikt bij aanvallen. Dat stelt securitybedrijf Huntress op basis van on ...
-
The Cyber Express
Global DNS Crash Triggers Reboot Loops Across Cisco Small Business Switches
A DNS Crash disrupted networks around the world on January 8, 2026, after a flaw in the DNS client service caused multiple Cisco Small Business Switches to reboot repeatedly and, in some cases, comple ...
-
Help Net Security
January 2026 Patch Tuesday forecast: And so it continues
Welcome to a new year of my Patch Tuesday forecast blog where I provide a summary of Microsoft and other vendor’s security patch activity (and reported issues) for the month, talk about some of the la ...
-
The Cyber Express
What Is Penetration Testing: Tools, Process, and Importance
Web applications, databases, sub-domains, DNS configuration, and public_html are some of the online places where you can never allow a hacker in. If they do, sometimes forcefully, a full account takeo ...