CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Gakido CRLF Injection Vulnerability Let Attackers Bypass Security Controls
A critical vulnerability in Gakido, an HTTP client library by HappyHackingSpace, has been discovered that allows attackers to inject arbitrary HTTP headers through CRLF (Carriage Return Line Feed) seq ...
-
security.nl
'Zestienhonderd Ivanti EPMM-servers toegankelijk vanaf internet'
Zo'n zestienhonderd Ivanti Endpoint Manager Mobile (EPMM) servers zijn vanaf het internet toegankelijk en aanvallers maken op dit moment actief misbruik van kwetsbaarheden in de oplossing, zo waarschu ...
-
cert.pl
Vulnerability in EAP Legislator software
Vulnerability in EAP Legislator software CVE ID CVE-2026-1186 Publication date 02 February 2026 Vendor ABC PRO Product EAP Legislator Vulnerable versions All through 2.25 Vulnerability type (CWE) Impr ...
-
Daily CyberSecurity
Notepad++ Hijacked: State-Sponsored Actors Poisoned Updates for Months
The developer behind Notepad++, the ubiquitous open-source text editor found on millions of developer desktops, has confirmed a severe security incident involving a months-long compromise of its updat ...
-
Daily CyberSecurity
Silent Intruder: “EncystPHP” Web Shell Burrows into FreePBX Systems
The EncystPHP file flow | Image: FortiGuard Labs A sophisticated new web shell has been discovered burrowing into communication infrastructure, leveraging a critical vulnerability to turn innocent pho ...
-
CybersecurityNews
Critical Johnson Controls Products Vulnerabilities Enables Remote SQL Injection Attacks
A critical advisory addressing a severe SQL injection vulnerability affecting multiple Johnson Controls industrial control system products. The vulnerability, tracked as CVE-2025-26385, carries a maxi ...
-
Help Net Security
Week in review: Microsoft fixes exploited Office zero-day, Fortinet patches FortiCloud SSO flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: When open science meets real-world cybersecurity In this Help Net Security interview, Matthew Kwiatkow ...
-
CybersecurityNews
SCADA Vulnerability Triggers DoS, Potentially Disrupting Industrial Operations
A medium-severity vulnerability in the Iconics Suite SCADA system that could allow attackers to trigger denial-of-service conditions on critical industrial control systems. The flaw, tracked as CVE-20 ...
-
CybersecurityNews
Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMail
The latest update to the Metasploit Framework this week provides a significant enhancement for penetration testers and red teamers, introducing seven new exploit modules targeting commonly used enterp ...
-
TheCyberThrone
Ivanti EPMM Zero-Days CVE-2026-1281 & CVE-2026-1340
January 31, 2026Ivanti has issued a critical security advisory for two zero-day remote code execution (RCE) vulnerabilities in Endpoint Manager Mobile (EPMM), actively exploited in the wild. CVE-2026- ...