CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
40,000 Hits in 4 Hours: RondoDox Botnet Storms HPE OneView
Check Point Research uncovered a massive, automated assault on HPE OneView. Researchers observed a botnet launching over 40,000 exploitation attempts in a span of just four hours, targeting a critical ...
-
Daily CyberSecurity
OpenStack Admin Forgery: CVE-2026-22797 Lets Users ‘Ask’ for Root
A significant security flaw has been closed in the OpenStack cloud infrastructure project, specifically within its identity middleware. The vulnerability, tracked as CVE-2026-22797, is a Privilege Esc ...
-
The Register
Cisco finally fixes max-severity bug under active attack for weeks
Cisco finally delivered a fix for a maximum-severity bug in AsyncOS that has been under attack for at least a month. The networking giant disclosed the vulnerability, tracked as CVE-2025-20393, on Dec ...
-
The Register
Flipping one bit leaves AMD CPUs open to VM vuln
If you use virtual machines, there's reason to feel less-than-Zen about AMD's CPUs. Computer scientists affiliated with the CISPA Helmholtz Center for Information Security in Germany have found a vuln ...
-
BleepingComputer
Hackers exploit Modular DS WordPress plugin flaw for admin access
Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass authentication remotely and access the vulnerable sites with admin-level privilege ...
-
CybersecurityNews
Fortinet FortiSIEM Vulnerability CVE-2025-64155 Actively Exploited in Attacks
Fortinet FortiSIEM vulnerability CVE-2025-64155 is under active exploitation, as confirmed by Defused through their honeypot deployments. This critical OS command injection flaw enables unauthenticat ...
-
CybersecurityNews
Azure Identity Token Vulnerability Enables Tenant-Wide Compromise in Windows Admin Center
A high-severity vulnerability in Windows Admin Center’s Azure Single Sign-On implementation has exposed Azure virtual machines and Arc-connected systems to unauthorized access across entire tenants. C ...
-
BleepingComputer
Critical flaw lets hackers track, eavesdrop via Bluetooth audio devices
Security researchers have discovered a critical vulnerability in Google's Fast Pair protocol that can allow attackers to hijack Bluetooth audio accessories, track users, and eavesdrop on their convers ...
-
BleepingComputer
Critical WhisperPair flaw lets hackers track, eavesdrop via Bluetooth audio devices
Security researchers have discovered a critical vulnerability in Google's Fast Pair protocol that can allow attackers to hijack Bluetooth audio accessories, track users, and eavesdrop on their convers ...
-
The Hacker News
Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access
Jan 15, 2026Ravie LakshmananWeb Security /Vulnerability A maximum-severity security flaw in a WordPress plugin called Modular DS has come under active exploitation in the wild, according to Patchsta ...