CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
The Sleeper in Your Browser: How DarkSpectre Turned 8.8 Million Extensions into State-Aligned Spies
In a revelation that exposes a gaping hole in the browser extension ecosystem, Koi Security has unmasked a massive, state-aligned cyber-espionage operation that has been quietly gathering intelligence ...
-
Daily CyberSecurity
QNAP Patches High-Severity SQL Injection and Path Traversal Flaws
Network-attached storage giant QNAP has issued a sweeping set of security advisories, patching critical vulnerabilities that could allow attackers to steal sensitive data, inject malicious code, or cr ...
-
The Register
Trump admin sends heart emoji to commercial spyware makers with lifted Predator sanctions
infosec in brief The Trump administration has cleared a trio of individuals sanctioned by the Biden administration for involvement with the Intellexa spyware consortium behind the Predator surveillanc ...
-
hackread.com
RondoDox Botnet is Using React2Shell to Hijack Thousands of Unpatched Devices
If you have a smart camera at home or a small website for your business, you could be helping hackers without even knowing it, as cyber criminals are breaking into thousands of everyday devices using ...
-
BleepingComputer
Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass
Over 10,000 Fortinet firewalls are still exposed online and vulnerable to ongoing attacks exploiting a five-year-old critical two-factor authentication (2FA) bypass vulnerability. Fortinet released Fo ...
-
CybersecurityNews
10,000+ Fortinet Firewalls Still Exposed to 5-year Old MFA Bypass Vulnerability
Over 10,000 Fortinet firewalls worldwide remain vulnerable to CVE-2020-12812, a multi-factor authentication (MFA) bypass flaw disclosed over five and a half years ago. Shadowserver recently added the ...
-
The Cyber Express
A Week That Set the Tone for 2026: Cyber Laws, Breaches, and Disinformation
This week, The Cyber Express takes a closer look at the events shaping the global cybersecurity landscape as we transition from 2025 to 2026. Throughout this week, we covered new cybersecurity laws, i ...
-
security.nl
Roundcube Webmail XSS-lek laat aanvaller e-mailaccounts overnemen
Een kwetsbaarheid in Roundcube Webmail maakt het mogelijk voor aanvallers om op afstand e-mailaccounts over te nemen. Beveiligingslekken in RoundCube zijn in het verleden vaker gebruikt bij aanvallen ...
-
CybersecurityNews
CISA Warns of WHILL Model C2 Wheelchairs Vulnerability Let Attackers Take Control of Product
A critical security advisory warned of severe vulnerabilities in WHILL electric wheelchairs that could allow attackers to hijack the devices via Bluetooth remotely. The alert affects two popular model ...
-
CybersecurityNews
Lessons From Mongobleed Vulnerability (CVE-2025-14847) That Actively Exploited In The Wild
The cybersecurity community was alarmed in late December 2025 when MongoDB announced a serious vulnerability called “Mongobleed” (CVE-2025-14847). This high-severity flaw allows unauthenticated attack ...