CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity ...
-
cert.pl
Vulnerability in Kenik cameras software
Vulnerability in Kenik cameras software CVE ID CVE-2026-7766 Publication date 25 May 2026 Vendor Kenik Product KG-5230TAS-IL-3, KG-5230TAS-IL-G3, KG-5230DAS-IL-G3, KG-5260TZAS-IL-3, KG-5260DZAS-IL-3, ...
-
cert.pl
Vulnerability in Lifetime software
Vulnerability in Lifetime software CVE ID CVE-2026-40127 Publication date 25 May 2026 Vendor OutSystems Product Lifetime Vulnerable versions All before 11.28.2.3955 Vulnerability type (CWE) Authorizat ...
-
CybersecurityNews
Hackers Actives Scanning SonicWall Firewall Interfaces – 597,000 Sessions Observed
A sharp rise in internet-wide scanning activity targeting SonicWall firewall management interfaces has been detected, raising concerns about a potential pre-disclosure reconnaissance phase tied to new ...
-
CybersecurityNews
CISA Warns of Drupal Core SQL Injection Vulnerability Exploited in Attacks
CISA has issued an urgent alert regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in real-world attacks. The flaw, classi ...
-
CybersecurityNews
Pentest Agent Suite – Bug Bounty Framework for Claude Code and 6 AI Coding Tools
A fully autonomous bug-bounty framework called Pentest Agent Suite has been open-sourced, delivering 50 specialized security agents, 26 slash commands, 19 CLI tools, and a cross-IDE installer across s ...
-
TheCyberThrone
CVE-2026-9082 – Drupal Core SQL Injection
May 24, 2026CVE-2026-9082 is a highly critical SQL injection vulnerability in Drupal core’s database abstraction API, specifically in the PostgreSQL EntityQuery condition handler. An unauthenticated, ...
-
TheCyberThrone
CVE-2026-2005 | PostgreSQL pgcrypto — Heap Buffer Overflow
May 24, 2026Vulnerability SummaryCVE-2026-2005 is a heap buffer overflow vulnerability in the PostgreSQL pgcrypto extension. A ciphertext provider can trigger the overflow to execute arbitrary code as ...
-
The Hacker News
Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of the most "systemically" important software across the ...
-
CybersecurityNews
Nginx-poolslip Vulnerability Enables DoS and Code Execution Attacks — Patch Now!
A newly disclosed flaw in one of the world’s most widely deployed web servers is forcing administrators into another emergency patch cycle. Tracked as CVE-2026-9256 and publicly nicknamed nginx-poolsl ...