CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
OpenSSL 3.6.2 lands with eight CVE fixes
OpenSSL 3.6.2 patches eight CVEs across a range of components. The project rates the most severe issue in the release as Moderate. What got fixed The release fixes incorrect failure handling in RSA KE ...
-
Help Net Security
Anthropic’s new AI model finds and exploits zero-days across every major OS and browser
Automated vulnerability discovery tools have existed for decades, and the gap between finding a bug and building a working exploit has always slowed attackers. That gap is now substantially narrower. ...
-
CybersecurityNews
Claude Uncovers 13-Year-Old RCE Flaw in Apache ActiveMQ in Just 10 Minutes
A critical remote code execution (RCE) vulnerability has been disclosed in Apache ActiveMQ Classic, a flaw that sat undetected for over a decade and was ultimately discovered not by a human researcher ...
-
CybersecurityNews
CUPS Vulnerability Chain Enables Remote Attacker to Execute Malicious Code as Root User
A critical vulnerability chain in the Common Unix Printing System (CUPS) that allows unauthenticated remote attackers to execute arbitrary malicious code with root system privileges. Security research ...
-
Daily CyberSecurity
OpenSSL Issues Major Security Advisory: RSA and Memory Vulnerabilities Fixed
OpenSSL has released a comprehensive security advisory detailing seven vulnerabilities ranging from Moderate to Low severity. The report, dated April 7, 2026, highlights critical fixes for modern vers ...
-
Daily CyberSecurity
APT28 Hijacks Home Routers to Steal Corporate Credentials
In a major technical disclosure, the UK National Cyber Security Centre (NCSC) has detailed a sophisticated campaign by the Russian threat actor APT28 (also known as Fancy Bear or Forest Blizzard). The ...
-
CybersecurityNews
Hackers Exploit Kubernetes Misconfigurations to Move From Containers to Cloud Accounts
Kubernetes has become one of the most widely used platforms for managing containerized applications in enterprise environments. But as its adoption has grown, so has the attention it draws from malici ...
-
CybersecurityNews
Hackers Exploit Next.js React2Shell Flaw to Steal Credentials From 766 Hosts in 24 Hours
A dangerous cyberattack campaign is actively hitting web applications across the internet at a frightening speed. Hackers are exploiting a critical security flaw called React2Shell, targeting websites ...
-
TheCyberThrone
CVE-2025-59528: Flowise CustomMCP Code Injection RCE
April 7, 2026Status: Actively exploited | CVSS: 10.0 (Critical) | EPSS: 99.25% | Exposure: 12,000+ internet-facing instancesVulnerability SummaryCVE-2025-59528 affects Flowise, a drag & drop interface ...
-
The Hacker News
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn the ...