CVEFeed Newsroom – Latest Cybersecurity Updates

The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.

  • CybersecurityNews
Critical Vulnerability in VM2 Sandbox Library for Node.js Let Attackers run Untrusted Code

A critical sandbox escape vulnerability has been identified in vm2. This widely used Node.js library provides sandbox isolation for executing untrusted code. The flaw, tracked as CVE-2026-22709 (GHSA- ...

Published Date: Jan 28, 2026 (7 hours, 25 minutes ago)
  • TheCyberThrone
CVE-2026-24858: Fortinet FortiCloud SSO Zero-Day Under Active Exploitation

January 28, 2026A critical authentication bypass vulnerability, CVE-2026-24858, impacts multiple Fortinet products via flawed FortiCloud SSO controls. Fortinet confirmed active exploitation by malicio ...

Published Date: Jan 28, 2026 (7 hours, 56 minutes ago)
  • Daily CyberSecurity
Router Takeover: High-Severity Command Injection Flaw Hits TP-Link Archer MR600

TP-Link has issued a security advisory for its popular Archer MR600 4G+ LTE router, warning of a high-severity vulnerability that could allow attackers to seize control of the device. The flaw, tracke ...

Published Date: Jan 28, 2026 (8 hours, 41 minutes ago)
  • Help Net Security
Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)

Fortinet has begun releasing FortiOS versions that fix CVE-2026-24858, a critical zero-day vulnerability that allowed attackers to log into targeted organizations’ FortiGate firewalls. “This vulnerabi ...

Published Date: Jan 28, 2026 (8 hours, 48 minutes ago)
  • Daily CyberSecurity
The AI Throne Reclaimed? Samsung Nears Final NVIDIA “Seal of Approval” for Game-Changing HBM4

Samsung Electronics, which has been laboring to close the yawning chasm in the artificial intelligence memory theater, has finally received promising intelligence. According to reports from Bloomberg ...

Published Date: Jan 28, 2026 (8 hours, 58 minutes ago)
  • BleepingComputer
Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks ...

Published Date: Jan 27, 2026 (9 hours, 39 minutes ago)
  • BleepingComputer
WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity vulnerability in WinRAR for initial access and to deliver various malicious paylo ...

Published Date: Jan 27, 2026 (13 hours, 20 minutes ago)
  • Kaspersky
Fake apps, NFC skimming attacks, and other Android issues in 2026 | Kaspersky official blog

The year 2025 saw a record-breaking number of attacks on Android devices. Scammers are currently riding a few major waves: the hype surrounding AI apps, the urge to bypass site blocks or age checks, t ...

Published Date: Jan 27, 2026 (16 hours, 12 minutes ago)
  • BleepingComputer
Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system. The open-source ...

Published Date: Jan 27, 2026 (16 hours, 23 minutes ago)
  • security.nl
OpenSSL-lek kan remote code execution mogelijk maken

Een kwetsbaarheid in OpenSSL kan in bepaalde gevallen remote code execution mogelijk maken. Er zijn nieuwe versies van de software beschikbaar gesteld waarin het probleem, aangeduid als CVE-2025-15467 ...

Published Date: Jan 27, 2026 (16 hours, 39 minutes ago)

Filters

Filter news that are affecting your technology stack
Showing 10 of 9437 Results