CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Critical OpenSSH Vulnerability Exposes Moxa Ethernet Switches to Remote Code Execution
Moxa has issued a critical security advisory regarding CVE-2023-38408, a severe vulnerability in OpenSSH affecting multiple Ethernet switch models. The flaw, with a CVSS 3.1 score of 9.8, allows unaut ...
-
The Hacker News
[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl
Jan 13, 2026The Hacker NewsArtificial Intelligence / Automation Security AI agents are no longer just writing code. They are executing it. Tools like Copilot, Claude Code, and Codex can now build, t ...
-
The Register
Federal agencies told to fix or ditch Gogs as exploited zero-day lands on CISA hit list
CISA has ordered federal agencies to stop using Gogs or lock it down immediately after a high-severity vulnerability in the self-hosted Git service was added to its Known Exploited Vulnerabilities (KE ...
-
The Hacker News
ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation
Jan 13, 2026Ravie LakshmananVulnerability / SaaS Security ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthent ...
-
security.nl
VS meldt actief misbruik van path traversal-lek in Git-service Gogs
Aanvallers maken actief misbruik van een path traversal-lek in Git-service Gogs, zo laat het Amerikaanse cyberagentschap CISA weten. Volgens securitybedrijf Wiz wordt het beveiligingslek al zeker sind ...
-
CybersecurityNews
Critical ServiceNow Vulnerability Enables Privilege Escalation Via Unauthenticated User Impersonation
A critical security threat to ServiceNow AI Platform deployments, allowing unauthenticated attackers to impersonate legitimate users and execute unauthorized operations. The vulnerability, CVE-2025-12 ...
-
security.nl
Lek in OpenCode laat websites willekeurige code op systeem gebruikers uitvoeren
Een kwetsbaarheid in AI coding agent OpenCode zorgt ervoor dat websites willekeurige code op het systeem van gebruikers kunnen uitvoeren, zonder dat hiervoor enige interactie is vereist. De ontwikkela ...
-
CybersecurityNews
CISA Warns of Gogs Path Traversal Vulnerability Exploited in Attacks
A critical warning about a path traversal vulnerability in Gogs, a self-hosted Git service, that is being actively exploited in the wild. The vulnerability, tracked as CVE-2025-8110, was added to CISA ...
-
CybersecurityNews
New Angular Vulnerability Enables an Attacker to Execute Malicious Payload
A critical Cross-Site Scripting (XSS) vulnerability has been discovered in Angular’s Template Compiler, affecting multiple versions of both @angular/compiler and @angular/core packages. Tracked as CVE ...
-
CybersecurityNews
100,000+ n8n Instances Exposed to Internet Vulnerable to RCE Attacks
A critical vulnerability affecting the popular n8n workflow automation platform has put over 100,000 internet-exposed instances at severe risk. Security researchers from The Shadowserver Foundation di ...