CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Hackers Exploiting Microsoft Office 0-day Vulnerability to Deploy Malware
The Russia-linked threat group UAC-0001, also known as APT28, has been actively exploiting a critical zero-day vulnerability in Microsoft Office. The group is using this flaw to deploy sophisticated m ...
-
The Hacker News
⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats
Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some threats are stopped quickly, while others go unseen until they cause real damage. Sometimes a singl ...
-
The Cyber Express
Russian APT28 Exploit Zero-Day Hours After Microsoft Discloses Office Vulnerability
Ukraine’s cyber defenders warn Russian hackers weaponized a Microsoft zero-day within 24 hours of public disclosure, targeting government agencies with malicious documents delivering Covenant framewor ...
-
CybersecurityNews
Gakido CRLF Injection Vulnerability Let Attackers Bypass Security Controls
A critical vulnerability in Gakido, an HTTP client library by HappyHackingSpace, has been discovered that allows attackers to inject arbitrary HTTP headers through CRLF (Carriage Return Line Feed) seq ...
-
security.nl
'Zestienhonderd Ivanti EPMM-servers toegankelijk vanaf internet'
Zo'n zestienhonderd Ivanti Endpoint Manager Mobile (EPMM) servers zijn vanaf het internet toegankelijk en aanvallers maken op dit moment actief misbruik van kwetsbaarheden in de oplossing, zo waarschu ...
-
cert.pl
Vulnerability in EAP Legislator software
Vulnerability in EAP Legislator software CVE ID CVE-2026-1186 Publication date 02 February 2026 Vendor ABC PRO Product EAP Legislator Vulnerable versions All through 2.25 Vulnerability type (CWE) Impr ...
-
Daily CyberSecurity
Notepad++ Hijacked: State-Sponsored Actors Poisoned Updates for Months
The developer behind Notepad++, the ubiquitous open-source text editor found on millions of developer desktops, has confirmed a severe security incident involving a months-long compromise of its updat ...
-
Daily CyberSecurity
Silent Intruder: “EncystPHP” Web Shell Burrows into FreePBX Systems
The EncystPHP file flow | Image: FortiGuard Labs A sophisticated new web shell has been discovered burrowing into communication infrastructure, leveraging a critical vulnerability to turn innocent pho ...
-
CybersecurityNews
Critical Johnson Controls Products Vulnerabilities Enables Remote SQL Injection Attacks
A critical advisory addressing a severe SQL injection vulnerability affecting multiple Johnson Controls industrial control system products. The vulnerability, tracked as CVE-2025-26385, carries a maxi ...
-
Help Net Security
Week in review: Microsoft fixes exploited Office zero-day, Fortinet patches FortiCloud SSO flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: When open science meets real-world cybersecurity In this Help Net Security interview, Matthew Kwiatkow ...