CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Claude Uncovers 13-Year-Old RCE Flaw in Apache ActiveMQ in Just 10 Minutes
A critical remote code execution (RCE) vulnerability has been disclosed in Apache ActiveMQ Classic, a flaw that sat undetected for over a decade and was ultimately discovered not by a human researcher ...
-
CybersecurityNews
CUPS Vulnerability Chain Enables Remote Attacker to Execute Malicious Code as Root User
A critical vulnerability chain in the Common Unix Printing System (CUPS) that allows unauthenticated remote attackers to execute arbitrary malicious code with root system privileges. Security research ...
-
Daily CyberSecurity
OpenSSL Issues Major Security Advisory: RSA and Memory Vulnerabilities Fixed
OpenSSL has released a comprehensive security advisory detailing seven vulnerabilities ranging from Moderate to Low severity. The report, dated April 7, 2026, highlights critical fixes for modern vers ...
-
Daily CyberSecurity
APT28 Hijacks Home Routers to Steal Corporate Credentials
In a major technical disclosure, the UK National Cyber Security Centre (NCSC) has detailed a sophisticated campaign by the Russian threat actor APT28 (also known as Fancy Bear or Forest Blizzard). The ...
-
CybersecurityNews
Hackers Exploit Kubernetes Misconfigurations to Move From Containers to Cloud Accounts
Kubernetes has become one of the most widely used platforms for managing containerized applications in enterprise environments. But as its adoption has grown, so has the attention it draws from malici ...
-
CybersecurityNews
Hackers Exploit Next.js React2Shell Flaw to Steal Credentials From 766 Hosts in 24 Hours
A dangerous cyberattack campaign is actively hitting web applications across the internet at a frightening speed. Hackers are exploiting a critical security flaw called React2Shell, targeting websites ...
-
TheCyberThrone
CVE-2025-59528: Flowise CustomMCP Code Injection RCE
April 7, 2026Status: Actively exploited | CVSS: 10.0 (Critical) | EPSS: 99.25% | Exposure: 12,000+ internet-facing instancesVulnerability SummaryCVE-2025-59528 affects Flowise, a drag & drop interface ...
-
The Hacker News
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn the ...
-
Help Net Security
Russian hackers hijack internet traffic using vulnerable routers
The Russian state cyber group APT28 has been compromising routers to hijack web traffic and spy on victims, the UK’s The National Cyber Security Centre (NCSC) has warned. Attackers are exploiting vuln ...
-
The Hacker News
Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access
A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The vulnerability, tracke ...