CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenam ...
-
CybersecurityNews
Apache Syncope Vulnerability Let Attackers Hijack User Sessions
A critical XML External Entity (XXE) vulnerability has been disclosed in the Syncope identity management console. The flaw could allow administrators to expose sensitive user data and compromise sessi ...
-
CybersecurityNews
APT28 Hackers Exploiting Microsoft Office 0-Day in the Wild to Deploy Malware
APT28, the Russia-linked advanced persistent threat group, has launched a sophisticated campaign targeting Central and Eastern Europe using a zero-day vulnerability in Microsoft Office. The threat act ...
-
reddit.com
Exploiting CVE-2025-49825 (authentication bypass vulnerability in Teleport)
Let us know your cookie preferences Reddit uses cookies and similar technologies to: Keep the website operational and running properly Prevent fraud and abuse Monitor site usage and performance metric ...
-
The Cyber Express
Critical vLLM Flaw Exposes Millions of AI Servers to Remote Code Execution
A newly disclosed security flaw has placed millions of AI servers at risk after researchers identified a critical vulnerability in vLLM, a widely deployed Python package for serving large language mod ...
-
The Cyber Express
IPIDEA Proxy Network Dismantled: Global Cybercrime and Botnet Risks Exposed
Researchers have found what they believe is one of the world’s largest residential proxy networks: the IPIDEA proxy operation. The action targeted a little-known but deeply embedded component of the o ...
-
CybersecurityNews
Hikvision Wireless Access Points Vulnerability Enables Malicious Command Execution
A critical authenticated command execution vulnerability has been disclosed affecting multiple Hikvision Wireless Access Point (WAP) models. The flaw, tracked as CVE-2026-0709, stems from insufficient ...
-
Daily CyberSecurity
Root via Telnet: Why You Must Patch Your Synology NAS Against This Decade-Old Ghost
On January 29, 2026, Synology, a preeminent manufacturer of Network Attached Storage (NAS) solutions, disseminated a series of critical firmware updates for its DiskStation Manager (DSM) operating sys ...
-
Daily CyberSecurity
Grid Sabotage: “Static Tundra” Hits Poland’s Energy Sector with DynoWiper
The critical infrastructure of Poland’s energy sector has come under sustained fire from a sophisticated threat actor deploying destructive wiper malware. In a comprehensive new report, CERT Polska de ...
-
Daily CyberSecurity
ASUS Kills “File Shredder” Feature to Fix Critical Flaw
ASUS has issued a mandatory update for its commercial computer line that completely removes a core security feature rather than patching it. The alert concerns a high-severity vulnerability in the ASU ...