CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Wide Open Firewall: Critical Foomuuri Flaws Let Local Users Take Control
The SUSE Security Team has released a detailed report exposing multiple vulnerabilities in Foomuuri, a popular nftables-based firewall manager for Linux, that left the firewall’s management interface ...
-
BleepingComputer
VMware ESXi zero-days likely exploited a year before disclosure
Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted vulnerabilitie ...
-
seclists.org
KL-001-2026-01: yintibao Fun Print Mobile Unauthorized Access via Context Hijacking
Full Disclosure mailing list archives From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Thu, 8 Jan 2026 15:03:37 -0600 KL-001-2026-01: yintibao Fun Print Mobile Una ...
-
hackread.com
n8n Users Urged to Patch CVSS 10.0 Full System Takeover Vulnerability
If your company uses n8n to handle daily tasks, it is time to check your version number. A major security flaw has been found in the platform, and it’s about as serious as it gets. The firm Upwind rec ...
-
The Register
Patch Cisco ISE bug now before attackers abuse proof-of-concept exploit
Cisco patched a bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products that allows remote attackers with admin-level privileges to access sensitive information ...
-
The Cyber Express
CISA Warns of Attacks on PowerPoint and HPE Vulnerabilities
A 16-year-old Microsoft PowerPoint flaw and a new maximum-severity HPE vulnerability are the latest additions to CISA’s Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-37164 is a 10.0-rated Co ...
-
CybersecurityNews
Hackers Launched 8.1 Million Attack Sessions to React2Shell Vulnerability
The React2Shell vulnerability (CVE-2025-55182) continues to face a relentless exploitation campaign, with threat actors launching more than 8.1 million attack sessions since its initial disclosure. Ac ...
-
cert.pl
Vulnerability in Asseco AMDX software
Vulnerability in Asseco AMDX software CVE ID CVE-2025-4596 Publication date 08 January 2026 Vendor Asseco Product AMDX Vulnerable versions All before 6.09.01.62 Vulnerability type (CWE) Authorization ...
-
security.nl
Elektrische rolstoelen via kritiek beveiligingslek op afstand te besturen
Onderzoekers hebben in elektrische rolstoelen van fabrikant Whill een kritiek beveiligingslek ontdekt waardoor het mogelijk is om de apparaten op afstand over te nemen. Een aanvaller binnen bluetooth- ...
-
Help Net Security
Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164)
An unauthenticated remote code execution vulnerability (CVE-2025-37164) affecting certain versions of HPE OneView is being leveraged by attackers, CISA confirmed by adding the flaw to its Known Exploi ...