CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in que ...
-
Daily CyberSecurity
Injection Flaws (CVE-2026-40967 & 40978) Hit Spring AI Vector Stores
Two significant vulnerabilities have been disclosed in Spring AI that could allow attackers to manipulate database queries and compromise sensitive information. These flaws, identified as CVE-2026-409 ...
-
Daily CyberSecurity
Critical LiteLLM SQL Injection (CVE-2026-42208) Exploited in the Wild
Security researchers have sounded the alarm on a critical vulnerability in LiteLLM, a massively popular open-source gateway with over 22,000 GitHub stars used to manage connections to models like Open ...
-
TheCyberThrone
FIRESTARTER: Cisco ASA Backdoor
The Advisory That Changes EverythingOn April 23, 2026, CISA and the United Kingdom National Cyber Security Centre jointly assessed that FIRESTARTER — a backdoor that allows remote access and control — ...
-
Daily CyberSecurity
Unfiltered: The 9.8 CVSS Deserialization Loophole Hijacking Apache MINA
Apache MINA is a workhorse for development teams building high-performance, scalable network applications. By providing an abstract, event-driven asynchronous API over transports like TCP/IP and UDP/I ...
-
CybersecurityNews
Notepad++ Vulnerability Allows Attackers to Crash Application, Leak Memory Data
A security vulnerability has been identified in Notepad++, one of the most widely used open-source text editors among developers and IT professionals. The vulnerability CVE-2026-3008, which could allo ...
-
Daily CyberSecurity
The Zero-Click Vulnerability: Akamai Uncovers Incomplete Patch for APT28 Exploit
Conceptual flow of the original CVE-2026-21510 exploitation | Image: Akamai Researchers at Akamai have discovered that a previous fix for a high-profile exploit used by the Russian-linked group APT28 ...
-
Daily CyberSecurity
The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026)
Welcome to your Monday morning vulnerability digest. As we close out the final full week of April, the global threat landscape is painting a complex picture. We are seeing a volatile mix of deep infra ...
-
The Hacker News
⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More
Everything is dumb again. This week feels broken in a very familiar way. Old tricks are back. New tools are doing shady crap. Supply chains got hit. Fake help desks worked. Weird research showed how e ...
-
CybersecurityNews
Attackers Can Backdoor CODESYS Applications by Chaining Vulnerabilities
Multiple vulnerabilities in the CODESYS Control runtime, one of the world’s most widely adopted software-based programmable logic controller (Soft PLC) platforms. According to Nozomi Networks Labs res ...