CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Exploited in the Wild: Critical OWA Spoofing Flaw (CVE-2026-42897) Hits On-Premises Exchange Servers
Microsoft has issued an urgent warning for organizations running on-premises email infrastructure. A newly disclosed vulnerability in Outlook Web Access (OWA) is being actively hunted in the wild, all ...
-
Daily CyberSecurity
79 Security Holes Sealed: Google Issues Urgent Chrome Update to Fix 14 “Critical” Vulnerabilities
Google has unleashed a major security update for the Chrome Stable channel, addressing a staggering 79 security fixes that range from internal logic errors to high-stakes remote execution threats. The ...
-
Daily CyberSecurity
Exploited in the Wild: Maximum CVSS 10 SD-WAN Flaw (CVE-2026-20182) Grants Admin Control
Cisco Talos has issued a high-priority warning regarding the active, in-the-wild exploitation of several critical vulnerabilities targeting the Cisco Catalyst SD-WAN infrastructure. Threat actors are ...
-
CybersecurityNews
Chinese APT Hackers Exploit Microsoft Exchange to Breach Energy Sector Network
A Chinese state-linked hacking group known as FamousSparrow has quietly infiltrated an Azerbaijani oil and gas company, exploiting an unpatched Microsoft Exchange server to plant multiple backdoors in ...
-
The Hacker News
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as CVE- ...
-
The Hacker News
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, and people turning supply chain attacks into some cursed little game fo ...
-
CybersecurityNews
New Critical Exim Mailer Allows Remote Attacker to Execute Arbitrary Code
A critical vulnerability in the widely used Exim mail server allows unauthenticated attackers to execute arbitrary code and fully compromise exposed servers. Federico Kirschbaum, head of the Security ...
-
The Hacker News
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active since at least 2016, Ghostwriter has been li ...
-
cert.pl
Vulnerability in Verint Verba software
Vulnerability in Verint Verba software CVE ID CVE-2026-21730 Publication date 14 May 2026 Vendor Verint Product Verba Vulnerable versions All before 10.0.6 Vulnerability type (CWE) Improper Neutraliza ...
-
cert.pl
Vulnerability in WEBCON BPS software
Vulnerability in WEBCON BPS software CVE ID CVE-2026-1630 Publication date 14 May 2026 Vendor WEBCON Product WEBCON BPS Vulnerable versions From 2026.1.1.45 below 2026.1.3.109From 2025.1.1.87 before 2 ...