CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Attackers exploited this critical FortiClient EMS bug as a 0-day
Fortinet released an emergency patch over the weekend for a critical FortiClient Enterprise Management Server (EMS) bug believed to be under attack since at least March 31. The flaw, tracked as CVE-20 ...
-
CybersecurityNews
CISA Warns of Fortinet 0-Day Vulnerability Actively Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-35616, a critical improper access control vulnerability in Fortinet FortiClient Enterprise Management Server (EMS), ...
-
Daily CyberSecurity
The 24-Hour Blitz: Storm-1175 Weaponizes Zero-Days for High-Velocity Ransomware
Storm-1175 attack chain | Image: Microsoft A new report from Microsoft Threat Intelligence has exposured on Storm-1175, a financially motivated threat actor that has mastered the art of the high-veloc ...
-
Daily CyberSecurity
The Ninja’s Open Door: How a 9.8 CVSS Flaw Grants Hackers Full Control of 50,000 WordPress Sites
In a major alert for the WordPress community, a critical security flaw has been disclosed in the Ninja Forms – File Upload plugin. The vulnerability, tracked as CVE-2026-0740, carries a CVSS score of ...
-
Daily CyberSecurity
Keycloak Under Siege: Patch Now to Stop Token Theft and Account Takeovers
The popular open-source identity and access management solution Keycloak has released a critical security update, version 26.5.7, addressing a series of vulnerabilities that could allow attackers to b ...
-
Daily CyberSecurity
CVE-2026-34838 (CVSS 10): Critical RCE Flaw Uncovered in GroupOffice CRM
In a significant discovery for enterprises and public sector organizations, a critical security vulnerability has been unmasked in GroupOffice, the popular open-source CRM and groupware suite. The fla ...
-
Daily CyberSecurity
Critical RCE and SQLi Flaws Shatter mbCONNECT24 Industrial Security
In a significant alert for the industrial automation sector, CERT@VDE has disclosed a series of high-severity vulnerabilities affecting the mbCONNECT24 and mymbCONNECT24 remote service platforms. Thes ...
-
The Hacker News
⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More
This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks didn’t even need much effort because the path was already there. One ...
-
Daily CyberSecurity
Whitespace Flaw Re-Opens Critical JWT “Algorithm Confusion” Bypass
Security researchers have disclosed two major vulnerabilities within fast-jwt, a high-performance library used to implement JSON Web Tokens (JWT). The flaws reveal that even minor oversights in code l ...
-
CybersecurityNews
Apache Traffic Server Vulnerabilities Let Attackers Trigger DoS Attack
The Apache Software Foundation has released emergency security updates to address two severe vulnerabilities in the Apache Traffic Server (ATS). ATS operates as a high-performance web proxy cache that ...