CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to ...
-
CybersecurityNews
Critical 18-Year-Old NGINX Vulnerability Enables Remote Code Execution Attacks
A critical heap buffer overflow vulnerability has been discovered in the source code of NGINX, present since 2008. This vulnerability has been publicly disclosed, along with a working proof-of-concept ...
-
The Hacker News
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years. The vulnerability, disc ...
-
CybersecurityNews
Critical MongoDB Vulnerability Allow Attackers to Execute Arbitrary Code
A newly disclosed critical vulnerability in MongoDB could allow threat actors to execute arbitrary code, potentially handing them complete control over affected servers and exposing millions of record ...
-
CybersecurityNews
The Gentlemen RaaS Leverages Fortinet and Cisco Edge Devices for Initial Access
A ransomware group that only surfaced in mid-2025 has already made a significant mark on the threat landscape. The Gentlemen, a ransomware-as-a-service (RaaS) operation, has quickly risen to become on ...
-
Daily CyberSecurity
200K Sites at Risk: 9.8 CVSS RCE via Burst Statistics Auth Bypass Exploited in the Wild
In a major discovery for the WordPress ecosystem, PRISM, Wordfence Threat Intelligence’s autonomous vulnerability research platform, has identified a critical authentication bypass vulnerability in Bu ...
-
Daily CyberSecurity
Architectural Breach: AMD Zen 2 Flaw Allows Higher-Privilege Instruction Corruption
In a significant revelation for the hardware security world, AMD has identified a vulnerability targeting its Zen 2-based architecture. The flaw, tracked as CVE-2025-54518, resides deep within the pro ...
-
Daily CyberSecurity
GitLab Critical Patch: High-Severity XSS and Unauthenticated DoS Flaws Hit Self-Managed Instances
In a major move to secure its DevOps platform, GitLab has released important security versions for both Community Edition (CE) and Enterprise Edition (EE). The updates—18.11.3, 18.10.6, and 18.9.7—add ...
-
Daily CyberSecurity
Critical 9.6 Severity Ivanti Xtraction Flaw Exposes Sensitive Data
Ivanti has issued an urgent security update for its Xtraction platform to address a critical vulnerability. Carrying a CVSS score of 9.6, this flaw opens the door to severe data exposure and malicious ...
-
Daily CyberSecurity
Critical MongoDB Flaw CVE-2026-8053 Paves the Way for Server Takeover
Time-series data is the backbone of countless modern applications, from financial tickers to IoT monitoring. However, a newly disclosed vulnerability in MongoDB Server is turning this powerful feature ...