CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerability in SzafirHost software
Vulnerability in SzafirHost software CVE ID CVE-2026-13165 Publication date 29 June 2026 Vendor Krajowa Izba Rozliczeniowa Product SzafirHost Vulnerable versions All before 1.2.2 Vulnerability type (C ...
-
The Hacker News
Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse
A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity ...
-
cert.pl
Vulnerabilities in gzip software
Vulnerabilities in gzip software CVE ID CVE-2026-41991 Publication date 29 June 2026 Vendor GNU Product gzip Vulnerable versions All through 1.14 Vulnerability type (CWE) Insecure Temporary File (CWE- ...
-
The Hacker News
Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw
A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger memory corruption on a connecting client, with possible code ...
-
Huntress
Defence Impairment Olympics
Acknowledgements: Special thanks to Adrian Garcia, Amelia Casley, Olly Maxwell and Anton Ovrutsky for their contributions to this investigation and write-up.BackgroundAt Huntress, we have visibility i ...
-
TheCyberThrone
When PLM Becomes a Threat Surface: KEV Entry Matters Beyond IT
For years, Product Lifecycle Management (PLM) platforms have quietly sat at the heart of manufacturing ecosystems — managing designs, engineering workflows, product data, and supplier collaboration.Th ...
-
The Hacker News
New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks
A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromise ...
-
The Hacker News
Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs
A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and ...
-
The Hacker News
New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed "pedit COW," is an out-of-bounds write in the packet-e ...
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 26
The Good | Authorities Dismantle Malware Networks and Seize Cambodian Scam Infrastructure Following the seizure of a major Phishing-as-a-Service last week, the latest move, part of Operation Endgame, ...