CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Critical FortiSandbox Vulnerabilities Allow Attackers to Execute Unauthorized Commands
Fortinet has disclosed two critical security vulnerabilities affecting its FortiSandbox platform, both carrying a CVSSv3 score of 9.1. The flaws, published on April 14, 2026, could allow unauthenticat ...
-
The Hacker News
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, could result in arbitrary command execution. The vulnerabilities ...
-
AttackIQ
Emulating the Persuasive NightSpire Ransomware
Overview NightSpire is a financially motivated ransomware and data extortion group that emerged in early 2025. Initially operating as a closed, self-managed group, it conducted intrusions end-to-end w ...
-
Daily CyberSecurity
Critical—9 Vulnerabilities in Orthanc DICOM Servers Threaten Medical Data Integrity
A series of critical security flaws has been uncovered in Orthanc, the popular open-source “lightweight Digital Imaging and Communications in Medicine (DICOM) server used to store, process, and retrie ...
-
The Hacker News
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-saf ...
-
Daily CyberSecurity
Juju’s CVSS 10 Flaw Hands Over Master Cloud Credentials
Juju, the popular open-source application orchestration engine, is facing a critical security emergency. A newly discovered vulnerability, carrying the maximum possible severity rating of CVSS 10, all ...
-
Daily CyberSecurity
CVE-2026-4810: Critical 9.3 RCE Flaw Hits Google’s AI Agent Development Kit
A recently disclosed vulnerability in Google’s Agent Development Kit (ADK) serves as a stark reminder that even the most modular frameworks are not immune to classic security pitfalls. Security resear ...
-
security.nl
SAP dicht kritiek SQL Injection-lek in Business Planning en Business Warehouse
SAP heeft een kritieke kwetsbaarheid in Business Planning en Business Warehouse gedicht waardoor een ongeautoriseerde aanvaller op afstand willekeurige SQL-commando's op de database kan uitvoeren. De ...
-
CybersecurityNews
CISA Warns of Fortinet SQL Injection Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Fortinet products. On April 13, 2026, the agency added a severe SQL injec ...
-
Daily CyberSecurity
CVE-2026-4631: Critical 9.8 RCE Flaw in Cockpit Allows Unauthenticated Server Takeover
In the world of Linux server management, ease of use and security are intended to go hand-in-hand. However, a critical vulnerability discovered in Cockpit, the lightweight and popular interactive serv ...