CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands
Jan 06, 2026Ravie LakshmananVulnerability / DevOps A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an authenticated at ...
-
Daily CyberSecurity
The Desk-Side Revolution: NVIDIA’s DGX Spark Update Delivers 2.5× AI Speed Boost
As downloads of open-source AI models and frameworks are expected to surge explosively in 2026, NVIDIA announced a major update to its desktop AI development platform, DGX Spark, at CES 2026. This upd ...
-
The Hacker News
Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers
Jan 06, 2026Ravie LakshmananVulnerability / Web Security Users of the "@adonisjs/bodyparser" npm package are being advised to update to the latest version following the disclosure of a critical secu ...
-
Daily CyberSecurity
CVE-2025-68428: Critical Flaw in jsPDF Library Allows Server-Side File Theft
A critical vulnerability has been discovered in jsPDF, one of the most popular JavaScript libraries for generating PDF documents. The flaw, assigned a scorching CVSS score of 9.2, allows attackers to ...
-
Daily CyberSecurity
Aiohttp Patches Seven Vulnerabilities Including High-Severity DoS Risks
Maintainers of aiohttp, the popular asynchronous HTTP client/server framework for Python, have released a sweeping security update addressing seven distinct vulnerabilities. The update, version 3.13.3 ...
-
Daily CyberSecurity
Apache SIS Patch Blocks XML Attack That Leaks Server Files
The Apache Software Foundation has issued a security advisory for the Apache Spatial Information System (SIS), a key Java library used for developing geospatial applications. A newly discovered vulner ...
-
Daily CyberSecurity
CVE-2025-66518: High-Severity Flaw in Apache Kyuubi Exposes Local Server Files
Apache Kyuubi, the distributed gateway designed to provide secure, serverless SQL access to massive data lakes, has patched a high-severity vulnerability that could allow unauthorized access to the se ...
-
Daily CyberSecurity
Attacking from Within: How Adobe ColdFusion Admins Can Weaponize Remote Shares
Image: Brian Adobe has issued critical updates for its ColdFusion platform after security researcher Brian Reilly uncovered a clever logic flaw that allows authenticated administrators to turn a stand ...
-
Daily CyberSecurity
MediaTek Kicks Off 2026 with Major Security Overhaul for Mobile Chipsets
MediaTek has kicked off the new year with a critical security bulletin, releasing patches for a slew of high-severity vulnerabilities affecting dozens of its mobile and IoT chipsets. The January 2026 ...
-
Daily CyberSecurity
New TCC Bypass (CVE-2025-43530) Exposes macOS to Unchecked Automation
Apple’s privacy fortress, the Transparency, Consent, and Control (TCC) framework, has been breached once again. Security researcher Mickey Jin (@patch1t) has disclosed a sophisticated new vulnerabilit ...