CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day
Emergency patches are available for a critical vulnerability in cPanel and WHM that allows attackers to bypass authentication and gain root access to servers managed using it. Given that cPanel and We ...
-
The Hacker News
New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The high-severity vulnerability tracked as ...
-
Daily CyberSecurity
NVIDIA Patches High-Severity “Prompt Injection” Flaw in NemoClaw
NVIDIA has released a critical software update for NVIDIA NemoClaw, addressing a high-severity vulnerability that could allow remote attackers to bypass security controls and exfiltrate sensitive host ...
-
security.nl
Kritiek beveiligingslek in cPanel en WHM actief misbruikt bij aanvallen
Een kritiek beveiligingslek in cPanel en WHM waardoor ongeauthenticeerde aanvallers admin-toegang tot systemen kunnen krijgen wordt actief misbruikt bij aanvallen. Beveiligingsupdates zijn sinds 28 ap ...
-
CybersecurityNews
Qinglong Task Scheduler RCE Vulnerabilities Exploited in the Wild
In early 2026, two critical authentication bypass vulnerabilities in the popular open-source Qinglong task scheduler were actively exploited by hackers. According to Snyk security reports, unauthentic ...
-
CybersecurityNews
CISA Warns of ConnectWise ScreenConnect Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a severe vulnerability in ConnectWise ScreenConnect. On April 28, 2026, CISA officially added th ...
-
CybersecurityNews
ProFTPD’s SQL Injection Vulnerability Enables Remote Code Execution Attacks
A critical SQL injection vulnerability in ProFTPD, one of the Internet’s most widely deployed FTP servers. Tracked as CVE-2026-42167, this flaw carries a CVSS severity score of 8.1 and affects the mod ...
-
The Hacker News
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Google has addressed a maximum severity security flaw in Gemini CLI -- the "@google/gemini-cli" npm package and the "google-github-actions/run-gemini-cli" GitHub Actions workflow -- that could have al ...
-
CybersecurityNews
SonicWall SonicOS Vulnerabilities Allow Attackers to Bypass Access Controls and Crash Firewall
SonicWall has released a security advisory addressing three vulnerabilities in its SonicOS software. Discovered by the Advanced Research Team at CrowdStrike, these flaws could allow attackers to bypas ...
-
CybersecurityNews
cPanel 0-Day Authentication Bypass Vulnerability Actively Exploited in the Wild — PoC Released
A critical authentication bypass vulnerability in cPanel & WHM has been confirmed to be actively exploited in the wild, sending shockwaves through the global web hosting industry. The flaw, tracked as ...