CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Smart Buildings at Risk: Critical Johnson Controls Flaw (CVSS 10) Allows Remote SQL Injection
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a maximum-severity vulnerability affecting Johnson Controls, a global leader in smart building technology. Th ...
-
Daily CyberSecurity
Exploited in the Wild: Critical Ivanti EPMM RCE Flaws (CVSS 9.8) Under Attack
Ivanti has issued an urgent security advisory confirming that attackers are actively exploiting critical vulnerabilities in its Endpoint Manager Mobile (EPMM) solution. The flaws, which allow unauthen ...
-
Daily CyberSecurity
Cluster Admin for All: Critical Kyverno Flaw (CVSS 10) Shatters Isolation
The maintainers of Kyverno, a popular Kubernetes-native policy engine, have released an urgent security update to address a critical vulnerability that shatters the platform’s isolation boundaries. Tr ...
-
Daily CyberSecurity
“SessionReaper” Harvests Roots: Mass Exploitation Campaign Hits Over 200 Magento Sites
A massive wave of cyberattacks has struck the e-commerce world, targeting the widely used Magento platform with a vulnerability so severe it hands attackers the keys to the kingdom. Dubbed “SessionRea ...
-
Daily CyberSecurity
Guest-to-Host Escape: NVIDIA Patches Critical vGPU & Driver Flaws
NVIDIA has released a sweeping security update to address a series of high-severity vulnerabilities affecting its GPU Display Driver and Virtual GPU (vGPU) software. The flaws, if left unpatched, coul ...
-
Daily CyberSecurity
The Great Recalibration: Amazon Cuts 16,000 More Roles in Massive Shift to AI-First Future
The retail and technology titan Amazon has proclaimed a substantial expansion of its retrenchment efforts, signaling a new wave of layoffs poised to affect 16,000 corporate personnel. This maneuver fo ...
-
BleepingComputer
Ivanti warns of two EPMM flaws exploited in zero-day attacks
Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that were exploited in zero-day attacks. The flaws are code-inje ...
-
seclists.org
CVE-2025-12758: Unicode Variation Selectors Bypass in 'validator' library (isLength)
Full Disclosure mailing list archives From: Karol Wrótniak <karol.wrotniak () droidsonroids pl> Date: Wed, 28 Jan 2026 19:24:40 +0100 Summary ======= A vulnerability was discovered in the popular Java ...
-
CybersecurityNews
CISA Warns of FortiCloud SSO Authentication Bypass Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical authentication bypass vulnerability in multiple Fortinet products, actively exploited in the wild ...
-
The Hacker News
ThreatsDay Bulletin: New RCEs, Darknet Busts, Kernel Bugs & 25+ More Stories
This week's updates show how small changes can create real problems. Not loud incidents, but quiet shifts that are easy to miss until they add up. The kind that affects systems people rely on every da ...