CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Exploited in the Wild: Critical 9.3 CVSS Flaw Turns Tianxin Systems into Hacker Gateways
A critical security vulnerability, tracked as CVE-2021-4473, has been identified in the Tianxin Internet Behavior Management System. With a severe CVSS score of 9.3, this flaw allows unauthenticated a ...
-
The Cyber Express
Critical Flowise RCE Vulnerability Actively Exploited, Thousands of Systems at Risk
A critical Flowise RCE vulnerability is now being actively exploited. The flaw, tracked as CVE-2025-59528, carries a maximum severity rating and enables attackers to execute arbitrary code on affected ...
-
Help Net Security
Flatpak 1.16.4 fixes sandbox escape and three other security flaws
Flatpak, a Linux application sandboxing and distribution framework, released version 1.16.4, patching four security vulnerabilities. The most severe fix addresses a complete sandbox escape that leads ...
-
CybersecurityNews
Multiple OpenSSL Vulnerabilities Exposes Sensitive Data in RSA KEM Handling
OpenSSL has released a broad April 2026 security update that fixes seven vulnerabilities across supported branches, led by CVE-2026-31790, a moderate-severity flaw in RSA KEM RSASVE encapsulation that ...
-
Daily CyberSecurity
Critical Security Update: IBM Patches Multiple Vulnerabilities in Verify Identity and Access
IBM has released a comprehensive bulletin addressing a series of vulnerabilities within its Verify Identity Access and Security Verify Access product lines. The flaws range from low-impact redirection ...
-
The Cyber Express
FBI Takes Down APT28 Network Behind Global DNS Hijacking Attacks
The Russian-linked threat group APT28 has continued to leverage vulnerable network devices to carry out large-scale DNS hijacking campaigns, enabling adversary-in-the-middle attacks. Recent developmen ...
-
The Cyber Express
Researchers Find a Zero-Day Attack Targeting Adobe Reader Users
A newly uncovered zero-day attack targeting Adobe Reader has raised alarms across enterprise security teams, as researchers identified an exploit chain that bypasses traditional detection controls and ...
-
Help Net Security
OpenSSL 3.6.2 lands with eight CVE fixes
OpenSSL 3.6.2 patches eight CVEs across a range of components. The project rates the most severe issue in the release as Moderate. What got fixed The release fixes incorrect failure handling in RSA KE ...
-
Help Net Security
Anthropic’s new AI model finds and exploits zero-days across every major OS and browser
Automated vulnerability discovery tools have existed for decades, and the gap between finding a bug and building a working exploit has always slowed attackers. That gap is now substantially narrower. ...
-
CybersecurityNews
Claude Uncovers 13-Year-Old RCE Flaw in Apache ActiveMQ in Just 10 Minutes
A critical remote code execution (RCE) vulnerability has been disclosed in Apache ActiveMQ Classic, a flaw that sat undetected for over a decade and was ultimately discovered not by a human researcher ...