CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Fortinet unearths another critical bug as SSO accounts borked post-patch
Things aren't over yet for Fortinet customers – the security shop has disclosed yet another critical FortiCloud SSO vulnerability. Those hoping for a reprieve following last week's patch pantomime are ...
-
CybersecurityNews
TP-Link Archer Vulnerability Let Attackers Take Control Over the Router
A critical security advisory has been released for a command injection vulnerability affecting the Archer MR600 v5 router. The flaw, tracked as CVE-2025-14756, enables authenticated attackers to execu ...
-
CybersecurityNews
Gemini MCP Tool 0-day Vulnerability Allows Remote Attackers to Execute Arbitrary Code
A critical zero‑day vulnerability in Gemini MCP Tool exposes users to remote code execution (RCE) attacks without any authentication. Tracked as ZDI‑26‑021 / ZDI‑CAN‑27783 and assigned CVE‑2026‑0755, ...
-
security.nl
SolarWinds waarschuwt voor kritieke kwetsbaarheden in Web Help Desk
Softwarebedrijf SolarWinds waarschuwt voor verschillende kritieke kwetsbaarheden in Web Help Desk waardoor ongeauthenticeerde aanvallers systemen op afstand kunnen overnemen. Ook bevat de software har ...
-
hackread.com
Hackers Still Using Patched WinRAR Flaw for Malware Drops, Warns Google
The Google Threat Intelligence Group (GTIG) warns that nation-state actors and financially motivated threat actors are exploiting a flaw in WinRAR. Known as CVE-2025-8088, this vulnerability allows ha ...
-
Help Net Security
WinRAR vulnerability still a go-to tool for hackers, Mandiant warns
State-sponsored hackers and financially motivated attackers continue leveraging a critical WinRAR vulnerability (CVE-2025-8088) that’s been fixed over half a year ago. CVE-2025-8088 is a path traversa ...
-
BleepingComputer
SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws
SolarWinds has released security updates to patch critical authentication bypass and remote command execution vulnerabilities in its Web Help Desk IT help desk software. The authentication bypass secu ...
-
CybersecurityNews
Check Point Harmony SASE Windows Client Vulnerability Enables Privilege Escalation
A critical privilege-escalation vulnerability has been discovered in Check Point’s Harmony SASE (Secure Access Service Edge) Windows client software, affecting versions prior to 12.2. Tracked as CVE-2 ...
-
The Hacker News
Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution
A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could allow attackers to run arbitrary code on the underlying operating s ...
-
0patch.com
Micropatches Released for Microsoft Office Security Feature Bypass Vulnerability (CVE-2026-21509)
Two days ago, Microsoft released an emergency update for Microsoft Office, resolving CVE-2026-21509, a vulnerability in Office that was found to be exploited in the wild. Microsoft's advisory initiall ...