CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation
Jan 13, 2026Ravie LakshmananVulnerability / SaaS Security ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthent ...
-
security.nl
VS meldt actief misbruik van path traversal-lek in Git-service Gogs
Aanvallers maken actief misbruik van een path traversal-lek in Git-service Gogs, zo laat het Amerikaanse cyberagentschap CISA weten. Volgens securitybedrijf Wiz wordt het beveiligingslek al zeker sind ...
-
CybersecurityNews
Critical ServiceNow Vulnerability Enables Privilege Escalation Via Unauthenticated User Impersonation
A critical security threat to ServiceNow AI Platform deployments, allowing unauthenticated attackers to impersonate legitimate users and execute unauthorized operations. The vulnerability, CVE-2025-12 ...
-
security.nl
Lek in OpenCode laat websites willekeurige code op systeem gebruikers uitvoeren
Een kwetsbaarheid in AI coding agent OpenCode zorgt ervoor dat websites willekeurige code op het systeem van gebruikers kunnen uitvoeren, zonder dat hiervoor enige interactie is vereist. De ontwikkela ...
-
CybersecurityNews
CISA Warns of Gogs Path Traversal Vulnerability Exploited in Attacks
A critical warning about a path traversal vulnerability in Gogs, a self-hosted Git service, that is being actively exploited in the wild. The vulnerability, tracked as CVE-2025-8110, was added to CISA ...
-
CybersecurityNews
New Angular Vulnerability Enables an Attacker to Execute Malicious Payload
A critical Cross-Site Scripting (XSS) vulnerability has been discovered in Angular’s Template Compiler, affecting multiple versions of both @angular/compiler and @angular/core packages. Tracked as CVE ...
-
CybersecurityNews
100,000+ n8n Instances Exposed to Internet Vulnerable to RCE Attacks
A critical vulnerability affecting the popular n8n workflow automation platform has put over 100,000 internet-exposed instances at severe risk. Security researchers from The Shadowserver Foundation di ...
-
The Hacker News
CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution
Jan 13, 2026Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity security flaw impac ...
-
CybersecurityNews
Multiple Hikvision Vulnerabilities Let Attackers Cause Device Malfunction Using Crafted Packets
Hikvision, a leading provider of surveillance and access control systems, faces serious security risks from two newly disclosed stack overflow vulnerabilities. These flaws, tracked as CVE-2025-66176 a ...
-
Daily CyberSecurity
AI Identity Theft: Critical ServiceNow Flaw (CVE-2025-12420) Allows Unauthenticated Impersonation
A critical vulnerability has been uncovered in the ServiceNow AI Platform, potentially allowing unauthenticated attackers to masquerade as legitimate users. With a severity score of 9.3 out of 10, the ...