CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Critical Vulnerability in Binary-Parser Library for Node.js Allows Malicious Code injection
A critical code-injection vulnerability has been identified in the Node.js binary-parser library, affecting all versions before 2.3.0. The flaw allows attackers to execute arbitrary JavaScript code if ...
-
CybersecurityNews
Critical Chainlit AI Vulnerabilities Let Hackers Gain Control Over Cloud Environments
Cybersecurity researchers have uncovered two critical security flaws in Chainlit, a widely used open-source AI framework with over 700,000 monthly downloads. The vulnerabilities allow attackers to ste ...
-
The Hacker News
SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release
A new security flaw in SmarterTools SmarterMail email software has come under active exploitation in the wild, two days after the release of a patch. The vulnerability, which currently does not have a ...
-
security.nl
Cisco dicht actief misbruikte RCE-kwetsbaarheid in Unified Communications
Cisco heeft beveiligingsupdates uitgebracht voor een actief aangevallen kwetsbaarheid in Unified Communications-producten waardoor remote code execution mogelijk is. In de waarschuwing laat Cisco niet ...
-
The Hacker News
Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations
Cybersecurity company Arctic Wolf has warned of a "new cluster of automated malicious activity" that involves unauthorized firewall configuration changes on Fortinet FortiGate devices. The activity, i ...
-
The Hacker News
Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex
Cisco has released fresh patches to address what it described as a "critical" security vulnerability impacting multiple Unified Communications (CM) products and Webex Calling Dedicated Instance that i ...
-
Daily CyberSecurity
CVE-2025-15521 (CVSS 9.8): Critical Academy LMS Flaw Exploited for Admin Takeover
A critical security vulnerability has been unearthed in the Academy LMS plugin for WordPress, a popular tool used by thousands of educators to sell courses and build eLearning platforms. The flaw, tra ...
-
CybersecurityNews
Cisco Unified Communications 0-day RCE Vulnerability Exploited in the Wild to Gain Root Access
Cisco has disclosed a critical zero-day remote code execution (RCE) vulnerability, CVE-2026-20045, actively exploited in the wild. Affecting key Unified Communications products, this flaw allows unaut ...
-
CybersecurityNews
Fortinet SSO Vulnerability Actively Exploited to Hack Firewalls and Gain Admin Access
A critical vulnerability in Fortinet’s Single Sign-On (SSO) feature for FortiGate firewalls, tracked as CVE-2025-59718, is under active exploitation. Attackers are leveraging it to create unauthorized ...
-
Daily CyberSecurity
Under Attack: Critical Cisco RCE (CVE-2026-20045) Exploited in the Wild
Cisco has issued an urgent warning to network administrators worldwide: a critical remote code execution (RCE) vulnerability affecting its core communications software is currently being targeted by h ...