CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Undertow HTTP Server Used in Java Apps Vulnerability Allow Attackers to Hijack Sessions
A critical security flaw has been discovered in the Undertow HTTP server core, a widely used component in Java applications such as WildFly and JBoss EAP. The vulnerability, tracked as CVE-2025-12543, ...
-
The Hacker News
Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions
Jan 09, 2026Ravie LakshmananVulnerability / Endpoint Security Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for ...
-
security.nl
VMware ESXi-lekken mogelijk een jaar voor het uitkomen van updates misbruikt
Drie kwetsbaarheden in VMware ESXi zijn mogelijk een jaar voordat beveiligingsupdates beschikbaar kwamen om ze te verhelpen, misbruikt bij aanvallen. Dat stelt securitybedrijf Huntress op basis van on ...
-
The Cyber Express
Global DNS Crash Triggers Reboot Loops Across Cisco Small Business Switches
A DNS Crash disrupted networks around the world on January 8, 2026, after a flaw in the DNS client service caused multiple Cisco Small Business Switches to reboot repeatedly and, in some cases, comple ...
-
Help Net Security
January 2026 Patch Tuesday forecast: And so it continues
Welcome to a new year of my Patch Tuesday forecast blog where I provide a summary of Microsoft and other vendor’s security patch activity (and reported issues) for the month, talk about some of the la ...
-
The Cyber Express
What Is Penetration Testing: Tools, Process, and Importance
Web applications, databases, sub-domains, DNS configuration, and public_html are some of the online places where you can never allow a hacker in. If they do, sometimes forcefully, a full account takeo ...
-
CybersecurityNews
SmarterTools SmarterMail Vulnerability Enables Remote Code Execution Attack – PoC Released
A critical pre-authentication remote code execution vulnerability, identified as CVE-2025-52691, has been discovered in SmarterTools’ SmarterMail solution. The flaw received a maximum CVSS score of 10 ...
-
CybersecurityNews
Hackers Actively Exploiting AI Deployments – 91,000+ Attack Sessions Observed
Security researchers have identified over 91,000 attack sessions targeting AI infrastructure between October 2025 and January 2026, exposing systematic campaigns against large language model deploymen ...
-
BleepingComputer
CISA retires 10 emergency cyber orders in rare bulk closure
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has retired 10 Emergency Directives issued between 2019 and 2024, saying that the required actions have been completed or are now cover ...
-
Daily CyberSecurity
Public Exploit Released: Critical Trend Micro Flaw Grants SYSTEM Access
Trend Micro has issued a critical security alert for users of Apex Central (on-premise), patching a dangerous remote code execution (RCE) vulnerability that could allow attackers to hijack systems wit ...