CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
One API Call to Hijack: Critical Cal.com Flaw (CVE-2026-23478, CVSS 10) Bypasses 2FA
A critical security vulnerability has been found in Cal.com, the popular open-source scheduling platform used by individuals and enterprises worldwide. Tracked as CVE-2026-23478, the flaw carries the ...
-
Daily CyberSecurity
High-Severity Flaws in HPE Aruba Networking Expose Mobility Controllers to Attack
HPE Aruba Networking has released a critical security advisory patching a swarm of vulnerabilities across its AOS-8 and AOS-10 operating systems. The flaws, which affect Mobility Conductors, Controlle ...
-
Daily CyberSecurity
Command Injection Alert: High-Severity Flaws Hit LoadMaster & MOVEit WAF
Progress Software Corporation has kicked off the 2026 security calendar with an important update for its network infrastructure products. On January 12, 2026, the vendor released patches addressing tw ...
-
Trend Micro
Introducing ÆSIR: Finding Zero-Day Vulnerabilities at the Speed of AI
Executive summary TrendAI™ has launched ÆSIR, an AI-empowered security research platform that combines advanced automation with human expertise to proactively identify and remediate zero-day vulnerabi ...
-
BleepingComputer
Exploit code public for critical FortiSIEM command injection flaw
Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a remo ...
-
CybersecurityNews
New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive Data
A novel single-click attack targeting Microsoft Copilot Personal that enables attackers to silently exfiltrate sensitive user data. The vulnerability, now patched, allowed threat actors to hijack sess ...
-
BleepingComputer
Microsoft updates Windows DLL that triggered security alerts
Microsoft has resolved a known issue that was causing security applications to incorrectly flag a core Windows component, the company said in a service alert posted this week. The list of affected sys ...
-
CybersecurityNews
Critical FortiSIEM Vulnerability(CVE-2025-64155) Enable Full RCE and Root Compromise
In August 2025, Fortinet issued an advisory for CVE-2025-25256, an OS command injection vulnerability (CWE-78) in FortiSIEM that exposed the platform to unauthenticated remote code execution via craft ...
-
hackread.com
Microsoft January 2026 Patch Tuesday: 115 Vulnerabilities Fixed
Microsoft has released its first Patch Tuesday of 2026, delivering a massive wave of security fixes to protect users from various digital threats. This month, the tech giant addressed 115 vulnerabilit ...
-
TheCyberThrone
CVE-2025-64155 – Critical RCE in Fortinet FortiSIEM
January 14, 2026Fortinet patched a severe unauthenticated remote command injection flaw in FortiSIEM on January 13, 2026, tracked as CVE-2025-64155 with CVSS 9.4.Discovered by Horizon3.ai in August 20 ...