CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CISA Flags Actively Exploited Wing FTP Server Flaw
Image: RCE Security The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive after adding a new vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Th ...
-
Daily CyberSecurity
Backdoored React Native Packages Target Developers with Crypto-Stealing Malware
The JavaScript development community is on high alert following a coordinated supply chain attack targeting two popular React Native packages. Cybersecurity researchers at Aikido have unmasked a malic ...
-
The Hacker News
⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More
Some weeks in security feel normal. Then you read a few tabs and get that immediate “ah, great, we’re doing this now” feeling. This week has that energy. Fresh messes, old problems getting sharper, an ...
-
Daily CyberSecurity
The Poisoned Pickle: Critical Unpatched RCE Flaws Expose SGLang AI Infrastructure
Security researchers have issued a warning to the AI development community following the discovery of critical vulnerabilities in SGLang, a popular open-source serving framework for Large Language Mod ...
-
Google Cloud
Ransomware Under Pressure: Tactics, Techniques, and Procedures in a Shifting Threat Landscape
Written by: Bavi Sadayappan, Zach Riddle, Ioana Teaca, Kimberly Goody, Genevieve Stark Introduction Since 2018, when many financially motivated threat actors began shifting their monetization strategy ...
-
Daily CyberSecurity
Critical 9.7 CVSS TinaCMS Flaw Exposes Local Developer Machines
Security researchers have exposed a devastating vulnerability in TinaCMS, a popular headless content management system used by developers globally to manage Markdown and MDX content. The flaw, tracked ...
-
cert.pl
Vulnerabilities in Raytha software
Vulnerabilities in Raytha software CVE ID CVE-2025-15540 Publication date 16 March 2026 Vendor Raytha Product Raytha Vulnerable versions All before 1.4.6 Vulnerability type (CWE) Improper Control of G ...
-
Daily CyberSecurity
High-Severity Flaw Exposes LiteSpeed Web Servers to OS Command Injection
A significant security warning has been issued for administrators utilizing LiteSpeed Web Server, a popular high-performance replacement for Apache. According to a vulnerability note from JPCERT/CC, a ...
-
Daily CyberSecurity
Critical 10.0 CVSS SandboxJS Flaw Grants Complete Remote Code Execution
A severe security flaw has been identified in SandboxJS, a popular JavaScript sandboxing library used to safely execute untrusted code within web and Node.js applications. The vulnerability, tracked a ...
-
cert.pl
Vulnerabilities in multiple tinycontrol devices
Vulnerabilities in multiple tinycontrol devices CVE ID CVE-2025-11500 Publication date 16 March 2026 Vendor tinycontrol Product tcPDU and LAN Controllers: LK3.5, LK3.9 and LK4 Vulnerable versions Befo ...