CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution
Jan 13, 2026Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity security flaw impac ...
-
CybersecurityNews
Multiple Hikvision Vulnerabilities Let Attackers Cause Device Malfunction Using Crafted Packets
Hikvision, a leading provider of surveillance and access control systems, faces serious security risks from two newly disclosed stack overflow vulnerabilities. These flaws, tracked as CVE-2025-66176 a ...
-
Daily CyberSecurity
AI Identity Theft: Critical ServiceNow Flaw (CVE-2025-12420) Allows Unauthenticated Impersonation
A critical vulnerability has been uncovered in the ServiceNow AI Platform, potentially allowing unauthenticated attackers to masquerade as legitimate users. With a severity score of 9.3 out of 10, the ...
-
Daily CyberSecurity
CISA “Must-Patch” Alert: Critical Gogs Exploit CVE-2025-8110 Active in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has added a dangerous new entry to its “Must-Patch” list, warning that a popular tool used by developers worldwide is actively being exploit ...
-
Daily CyberSecurity
Angular Security Alert: High-Severity SVG Flaw CVE-2026-22610 Exposes Apps to XSS
A seemingly harmless feature in Scalable Vector Graphics (SVG) has become a major security headache for Angular developers. A new high-severity vulnerability, tracked as CVE-2026-22610, has been disco ...
-
TheCyberThrone
CISA Adds Gogs RCE Vulnerability CVE-2025-8110 to KEV
January 13, 2026The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-8110, a high-severity remote code execution flaw in Gogs (Go Git Service), to its Known Exploited Vu ...
-
Daily CyberSecurity
Double Critical: Hardcoded Secrets Expose Ruckus IoT Controllers to Root RCE
A pair of critical security vulnerabilities has been disclosed in the Ruckus vRIoT IoT Controller, the central brain for managing enterprise IoT devices. Both flaws carry the maximum possible CVSS sco ...
-
Daily CyberSecurity
CVE-2025-52694 (CVSS 10): Critical Advantech SQL Injection Exposes IoT Devices
The Cyber Security Agency of Singapore (CSA) has issued a high-priority alert regarding a devastating vulnerability in Advantech’s IoT product line. The flaw, tracked as CVE-2025-52694, carries the ma ...
-
Daily CyberSecurity
Critical Alert: Moxa Switches Exposed to OpenSSH Remote Code Execution (CVSS 9.8)
A critical security vulnerability has been identified in Moxa’s industrial ethernet switches, threatening the integrity of operational technology (OT) networks. The vulnerability, tracked as CVE-2023- ...
-
The Cyber Express
Attackers Targeting LLMs in Widespread Campaign
Threat actors are targeting LLMs in a widespread reconnaissance campaign that could be the first step in cyberattacks on exposed AI models, according to security researchers. The attackers scanned for ...