CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
The Poisoned Pickle: Critical Unpatched RCE Flaws Expose SGLang AI Infrastructure
Security researchers have issued a warning to the AI development community following the discovery of critical vulnerabilities in SGLang, a popular open-source serving framework for Large Language Mod ...
-
Google Cloud
Ransomware Under Pressure: Tactics, Techniques, and Procedures in a Shifting Threat Landscape
Written by: Bavi Sadayappan, Zach Riddle, Ioana Teaca, Kimberly Goody, Genevieve Stark Introduction Since 2018, when many financially motivated threat actors began shifting their monetization strategy ...
-
Daily CyberSecurity
Critical 9.7 CVSS TinaCMS Flaw Exposes Local Developer Machines
Security researchers have exposed a devastating vulnerability in TinaCMS, a popular headless content management system used by developers globally to manage Markdown and MDX content. The flaw, tracked ...
-
cert.pl
Vulnerabilities in Raytha software
Vulnerabilities in Raytha software CVE ID CVE-2025-15540 Publication date 16 March 2026 Vendor Raytha Product Raytha Vulnerable versions All before 1.4.6 Vulnerability type (CWE) Improper Control of G ...
-
Daily CyberSecurity
High-Severity Flaw Exposes LiteSpeed Web Servers to OS Command Injection
A significant security warning has been issued for administrators utilizing LiteSpeed Web Server, a popular high-performance replacement for Apache. According to a vulnerability note from JPCERT/CC, a ...
-
Daily CyberSecurity
Critical 10.0 CVSS SandboxJS Flaw Grants Complete Remote Code Execution
A severe security flaw has been identified in SandboxJS, a popular JavaScript sandboxing library used to safely execute untrusted code within web and Node.js applications. The vulnerability, tracked a ...
-
cert.pl
Vulnerabilities in multiple tinycontrol devices
Vulnerabilities in multiple tinycontrol devices CVE ID CVE-2025-11500 Publication date 16 March 2026 Vendor tinycontrol Product tcPDU and LAN Controllers: LK3.5, LK3.9 and LK4 Vulnerable versions Befo ...
-
The Cyber Express
China Demands Proof After Costa Rica Blames UNC2814 for ICE Cyberattack
Tensions between China and Costa Rica have intensified following allegations tied to an ICE cyberattack that Costa Rican authorities say was linked to the cyberespionage group UNC2814. The dispute cen ...
-
CybersecurityNews
Microsoft to Block Windows 11 and Server 2025 Automated Installation After Critical RCE Vulnerability
Windows 11 and Server 2025 Automated Installation Microsoft has announced a two-phase plan to disable the hands-free deployment feature in Windows Deployment Services (WDS) following the discovery of ...
-
Daily CyberSecurity
Weekly Threat Intelligence Briefing: Chrome Zero-Days, SolarWinds RCE, and a Surge in Critical PoCs
The Executive Summary Over the past seven days, our CVE Watchtower intercepted 1,388 new vulnerabilities, highlighting a relentless week in the cybersecurity landscape. While the sheer volume is high, ...