CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2026-25137: Critical Odoo on NixOS Flaw Exposes Databases
A critical vulnerability has been discovered in Odoo deployments running on NixOS. The vulnerability, tracked as CVE-2026-25137 (CVSS 9.1), leaves the database manager—and by extension, the entire org ...
-
Daily CyberSecurity
Game Over: Interlock Ransomware Weaponizes Anti-Cheat Zero-Day to Kill EDR
FortiGuard Threat Intelligence details related to the ScreenConnect C2 domain associated with the intrusion | Image: FortiGuard Labs A sophisticated ransomware group known as Interlock is turning the ...
-
BleepingComputer
Wave of Citrix NetScaler scans use thousands of residential proxies
A coordinated reconnaissance campaign targeting Citrix NetScaler infrastructure over the past week used tens of thousands of residential proxies to discover login panels. The activity was observed bet ...
-
BleepingComputer
CISA flags critical SolarWinds RCE flaw as exploited in attacks
CISA has flagged a critical SolarWinds Web Help Desk vulnerability as actively exploited in attacks and ordered federal agencies to patch their systems within three days. Tracked as CVE-2025-40551, th ...
-
The Register
Critical React Native Metro dev server bug under attack as researchers scream into the void
Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware to both Windows and Linux machines, and yet the in-the-wild attacks still haven't received the "broa ...
-
hackread.com
Op Neusploit: Russian APT28 Uses Microsoft Office Flaw in Malware Attacks
A targeted cyberattack campaign has been uncovered by researchers at Zscaler ThreatLabz. The operation, which the firm has named Operation Neusploit, was identified in January 2026 and is being linked ...
-
CybersecurityNews
Hackers Exploiting React Native’s Metro Server in the Wild to Attack Developers
Threat actors are actively exploiting a critical remote code execution vulnerability in React Native’s Metro Development Server to deliver advanced malware payloads across Windows and Linux systems. V ...
-
security.nl
Securitybedrijf meldt actief misbruik van lek in React Native Metro-server
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in React Native Metro-server. Dat laat securitybedrijf Vulncheck in een analyse weten. React Native is een populair framework voor het o ...
-
CybersecurityNews
Foxit PDF Editor Vulnerabilities Let Attackers Execute Arbitrary JavaScript
Security updates addressing critical cross-site scripting (XSS) vulnerabilities in Foxit PDF Editor Cloud that could allow attackers to execute arbitrary JavaScript code in users’ browsers. The vulner ...
-
Help Net Security
Russian hackers are exploiting recently patched Microsoft Office vulnerability (CVE-2026-21509)
Russian state-sponsored hackers Fancy Bear (aka APT 28) are exploiting CVE-2026-21509, a Microsoft Office vulnerability for which Microsoft released an emergency fix last week. The exploitation CVE-20 ...