CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Critical sandbox escape flaw discovered in popular vm2 NodeJS library
A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system. The open-source ...
-
security.nl
OpenSSL-lek kan remote code execution mogelijk maken
Een kwetsbaarheid in OpenSSL kan in bepaalde gevallen remote code execution mogelijk maken. Er zijn nieuwe versies van de software beschikbaar gesteld waarin het probleem, aangeduid als CVE-2025-15467 ...
-
CybersecurityNews
Attackers Exploiting React2Shell Vulnerability to Attack IT Sectors
Threat actors have started targeting companies in the insurance, e-commerce, and IT sectors through a critical vulnerability tracked as CVE-2025-55182, commonly known as React2Shell. This flaw exists ...
-
BleepingComputer
From Cipher to Fear: The psychology behind modern ransomware extortion
For years, security teams treated ransomware as a technological problem. Security teams hardened backup systems, deployed endpoint detection, practiced incident response playbooks built around data re ...
-
CybersecurityNews
MEDUSA Security Testing Tool With 74 Scanners and 180+ AI Agent Security Rules
MEDUSA, an AI-first Static Application Security Testing (SAST) tool boasting 74 specialized scanners and over 180 AI agent security rules. This open-source CLI scanner targets modern development chall ...
-
BleepingComputer
Over 6,000 SmarterMail servers exposed to automated hijacking attacks
Nonprofit security organization Shadowserver has found over 6,000 SmarterMail servers exposed online and likely vulnerable to attacks exploiting a critical authentication bypass vulnerability. Cyberse ...
-
CybersecurityNews
6000+ Vulnerable SmarterTools SmarterMail Servers Exposed to Actively Exploited RCE Vulnerability
Over 6,000 SmarterMail servers exposed on the internet are running vulnerable versions that are at risk of active remote code execution (RCE) attacks. Security researchers identified the flaws through ...
-
Google Cloud
Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088
Introduction The Google Threat Intelligence Group (GTIG) has identified widespread, active exploitation of the critical vulnerability CVE-2025-8088 in WinRAR, a popular file archiver tool for Windows, ...
-
security.nl
'6.000 SmarterMail-servers bevatten actief misbruikte reset-kwetsbaarheid'
Zo'n zesduizend SmarterMail-servers bevatten zeer waarschijnlijk een kritieke kwetsbaarheid waardoor ongeauthenticeerde aanvallers het wachtwoord van de administrator kunnen resetten, zo laat The Shad ...
-
cert.pl
Vulnerabilities in firmware of Pix-Link LV-WR21Q routers
Vulnerabilities in firmware of Pix-Link LV-WR21Q routers CVE ID CVE-2025-12386 Publication date 27 January 2026 Vendor Pix-Link Product LV-WR21Q Vulnerable versions V108_108 Vulnerability type (CWE) M ...