CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerabilities in Quick.Cart software
Vulnerabilities in Quick.Cart software CVE ID CVE-2026-23796 Publication date 05 February 2026 Vendor OpenSolution Product Quick.Cart Vulnerable versions 6.7 Vulnerability type (CWE) Session Fixation ...
-
The Hacker News
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coin ...
-
CybersecurityNews
Cisco Meeting Management Vulnerability Let Remote Attacker Upload Arbitrary Files
Cisco Meeting Management Vulnerability A high-severity security advisory has been issued for a critical vulnerability in Meeting Management software. This vulnerability allows authenticated remote att ...
-
The Cyber Express
Critical n8n Vulnerability CVE-2026-25049 Enables Remote Command Execution
A newly disclosed critical vulnerability, tracked as CVE-2026-25049, in the workflow automation platform n8n, allows authenticated users to execute arbitrary system commands on the underlying server ...
-
security.nl
NCSC waarschuwt Ivanti EPMM-klanten: ga ervan uit dat je bent gehackt en meld je
Het Nationaal Cyber Security Centrum (NCSC) waarschuwt organisaties die gebruikmaken van Ivanti Endpoint Manager Mobile (EPMM) dat ze ervan moeten uitgaan dat hun EPMM-server is gehackt. Ook worden de ...
-
CybersecurityNews
APT28 Hackers Exploiting Microsoft Office Vulnerability to Compromise Government Agencies
Russian state-sponsored actors known as APT28 have initiated a sophisticated cyber espionage campaign targeting high-value government and military entities across Europe. The primary targets include m ...
-
reddit.com
CVE-2025-11730: Remote Code Execution via DDNS configuration in ZYXEL ATP/USG Series (V5.41)
Let us know your cookie preferences Reddit uses cookies and similar technologies to: Keep the website operational and running properly Prevent fraud and abuse Monitor site usage and performance metric ...
-
The Hacker News
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
A new, critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in the execution of arbitrary system commands. The flaw, ...
-
The Hacker News
Hackers Exploit React2Shell to Hijack Web Traffic via Compromised NGINX Servers
Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that has targeted NGINX installations and management panels like Baota (BT) in an attempt to route it throu ...
-
seclists.org
SEC Consult SA-20260202-0 :: Multiple vulnerabilities in Native Instruments Native Access (MacOS)
Full Disclosure mailing list archives SEC Consult SA-20260202-0 :: Multiple vulnerabilities in Native Instruments Native Access (MacOS) From: SEC Consult Vulnerability Lab via Fulldisclosure <fulldisc ...