CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Anthropic quietly fixed flaws in its Git MCP server that allowed for remote code execution
Anthropic has fixed three bugs in its official Git MCP server that researchers say can be chained with other MCP tools to remotely execute malicious code or overwrite files via prompt injection. The G ...
-
Daily CyberSecurity
NCSC Warns of Russian Hacktivists Targeting UK
The UK’s National Cyber Security Centre (NCSC) has issued a warning regarding the persistent threat posed by Russian-aligned hacktivist groups. In a recent alert, the NCSC highlighted a concerted effo ...
-
security.nl
Tienduizenden WordPress-sites kwetsbaar door kritiek lek in gebruikte plug-in
Tienduizenden WordPress-sites bevatten een kritieke kwetsbaarheid waardoor ze in theorie door aanvallers op afstand zijn over te nemen. Een beveiligingsupdate is al een maand beschikbaar, maar een gro ...
-
CybersecurityNews
Critical AVEVA Software Vulnerabilities Enables Remote Code Execution Under System Privileges
Seven vulnerabilities were disclosed in Process Optimization (formerly ROMeo) 2024.1 and earlier on January 13, 2026, including a critical flaw enabling unauthenticated SYSTEM-level remote code execut ...
-
CybersecurityNews
WhisperPair Attack Allows Hijacking of Laptops, Earbuds Without User Consent – Millions Affected
A critical vulnerability in Google’s Fast Pair protocol that allows attackers to hijack Bluetooth audio accessories and track users without their knowledge or consent. Security researchers from KU Le ...
-
CybersecurityNews
Apache bRPC Vulnerability Enables Remote Command Injection
A critical remote command-injection vulnerability has been discovered in Apache bRPC’s built-in heap profiler service, affecting all versions before 1.15.0 across all platforms. The vulnerability allo ...
-
Daily CyberSecurity
“Nomad Leopard” Spotted in the Wild: Cyber Espionage Campaign Targets Afghan Government
Image: the SEQRITE Labs APT Team A new cyber espionage campaign targeting the heart of Afghanistan’s administration has been uncovered, revealing a mix of official disguises and surprisingly clumsy op ...
-
Daily CyberSecurity
Critical Flaw in “Advanced Custom Fields: Extended” Exposes 100K WordPress Sites to Takeover
A critical security vulnerability has been discovered in Advanced Custom Fields: Extended, a popular WordPress plugin with over 100,000 active installations. The flaw, tracked as CVE-2025-14533, carri ...
-
Daily CyberSecurity
Discord Spy: SolyxImmortal Malware Uses Webhooks for Stealthy Theft
A newly identified Python-based malware, SolyxImmortal, is making the rounds in underground channels, offering a “monolithic” surveillance tool that prioritizes persistence over destruction. In a new ...
-
Daily CyberSecurity
Malformed & Dangerous: Gootloader Returns with New Ransomware Ties
After a mysterious hiatus, the notorious Gootloader malware has resurfaced with a vengeance, sporting a new alliance with ransomware operators and a clever technical trick designed to baffle automated ...