CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access
Jan 15, 2026Ravie LakshmananWeb Security /Vulnerability A maximum-severity security flaw in a WordPress plugin called Modular DS has come under active exploitation in the wild, according to Patchsta ...
-
CybersecurityNews
Windows Remote Assistance Vulnerability Allow Attacker to Bypass Security Features
Critical security updates addressing CVE-2026-20824, a protection mechanism failure in Windows Remote Assistance that permits attackers to circumvent the Mark of the Web (MOTW) defense system. The vul ...
-
The Hacker News
ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories
The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere.This week's stories show how fast attackers change their tricks, how small mistakes turn into big ...
-
Help Net Security
PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155)
A critical vulnerability (CVE-2025-64155) in Fortinet’s FortiSIEM security platform has now been accompanied by publicly released proof-of-concept (PoC) exploit code, raising the urgency for organizat ...
-
CybersecurityNews
New Sicarii RaaS Operation Attacks Exposed RDP Services and Attempts to Exploit Fortinet Devices
In December 2025, a previously unknown ransomware-as-a-service operation named Sicarii emerged across underground platforms, introducing itself as an Israeli or Jewish affiliated group. The operation ...
-
Schneier on Security
New Vulnerability in n8n
This isn’t good: We discovered a critical vulnerability (CVE-2026-21858, CVSS 10.0) in n8n that enables attackers to take over locally deployed instances, impacting an estimated 100,000 servers global ...
-
hackread.com
Years-Old Vulnerable Apache Struts 2 Versions See 387K Weekly Downloads
It turns out that even in the world of software, ‘old’ doesn’t mean ‘gone.’ In a report shared with Hackread.com, cybersecurity researchers at Sonatype revealed a massive spike in downloads of long-ou ...
-
CybersecurityNews
Critical Cal.com Vulnerability Let Attackers Bypass Authentication and Hijack any User Account
A critical authentication bypass vulnerability in Cal.com’s scheduling platform enables attackers to hijack any user account by exploiting a flaw in the NextAuth JWT callback mechanism. Tracked as CVE ...
-
CybersecurityNews
Firefox 147 Released With Fixes for 16 Vulnerabilities that Enable Arbitrary Code Execution
Mozilla released Firefox 147 on January 13, 2026, addressing 16 security vulnerabilities detailed in the Mozilla Foundation Security Advisory. The update patches critical issues across components such ...
-
CybersecurityNews
Critical WordPress Plugin Vulnerability Exploited in the Wild to Gain Instant Admin Access
A critical unauthenticated privilege escalation vulnerability in the Modular DS WordPress plugin allows attackers to gain instant admin access, with exploitation confirmed in the wild. Affecting over ...