CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
The Gentlemen RaaS Leverages Fortinet and Cisco Edge Devices for Initial Access
A ransomware group that only surfaced in mid-2025 has already made a significant mark on the threat landscape. The Gentlemen, a ransomware-as-a-service (RaaS) operation, has quickly risen to become on ...
-
Daily CyberSecurity
200K Sites at Risk: 9.8 CVSS RCE via Burst Statistics Auth Bypass Exploited in the Wild
In a major discovery for the WordPress ecosystem, PRISM, Wordfence Threat Intelligence’s autonomous vulnerability research platform, has identified a critical authentication bypass vulnerability in Bu ...
-
Daily CyberSecurity
Architectural Breach: AMD Zen 2 Flaw Allows Higher-Privilege Instruction Corruption
In a significant revelation for the hardware security world, AMD has identified a vulnerability targeting its Zen 2-based architecture. The flaw, tracked as CVE-2025-54518, resides deep within the pro ...
-
Daily CyberSecurity
GitLab Critical Patch: High-Severity XSS and Unauthenticated DoS Flaws Hit Self-Managed Instances
In a major move to secure its DevOps platform, GitLab has released important security versions for both Community Edition (CE) and Enterprise Edition (EE). The updates—18.11.3, 18.10.6, and 18.9.7—add ...
-
Daily CyberSecurity
Critical 9.6 Severity Ivanti Xtraction Flaw Exposes Sensitive Data
Ivanti has issued an urgent security update for its Xtraction platform to address a critical vulnerability. Carrying a CVSS score of 9.6, this flaw opens the door to severe data exposure and malicious ...
-
Daily CyberSecurity
Critical MongoDB Flaw CVE-2026-8053 Paves the Way for Server Takeover
Time-series data is the backbone of countless modern applications, from financial tickers to IoT monitoring. However, a newly disclosed vulnerability in MongoDB Server is turning this powerful feature ...
-
Daily CyberSecurity
OPNsense Critical Root RCE (CVE-2026-44194 & CVE-2026-45158) Details and PoC Disclosed
The open-source firewall community is on high alert today after critical security vulnerabilities in OPNsense were dragged into the light. The full technical details and proof-of-concept (PoC) exploit ...
-
TheCyberThrone
Microsoft MDASH: When the Machine Becomes the Red Team
AI-native vulnerability discovery has crossed from research curiosity into production-grade defense — and the implications for how enterprises think about security engineering are irreversible.The Ann ...
-
Daily CyberSecurity
Urgent Update: Composer Vulnerability Leaks GitHub Secrets in Plaintext Logs (CVE-2026-45793)
In a critical security alert for the PHP community, Nils Adermann, Co-Creator of Composer, has issued an urgent advisory regarding a vulnerability that inadvertently leaks sensitive GitHub authenticat ...
-
Daily CyberSecurity
Critical 18-Year-Old NGINX RCE (CVE-2026-42945) and GitHub PoC Disclosed
Security researcher Zhenpeng (Leo) Lin of depthfirst has unveiled a critical, 18-year-old vulnerability lurking within NGINX. The flaw, tracked as CVE-2026-42945 (CVSS 9.2), is a deterministic heap bu ...