CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
WD Discovery Desktop App for Windows Vulnerability Enables Arbitrary Code Execution
A serious security vulnerability in Western Digital’s WD Discovery desktop application has been disclosed, potentially allowing attackers to execute arbitrary code on Windows systems. The flaw, tracke ...
-
The Cyber Express
CISA Flags Actively Exploited VMware vCenter RCE Flaw in KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting VMware vCenter Server to its Known Exploited Vulnerabilities (KEV) catalog, confirming tha ...
-
Help Net Security
Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)
Microsoft released emergency Office security updates to fix a security feature bypass vulnerability (CVE-2026-21509) that its threat intelligence and security teams spotted being exploited in the wild ...
-
The Hacker News
China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023
Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple environ ...
-
CybersecurityNews
Critical Vulnerability in Python PLY Library Enables Remote Code Execution – PoC Published
A critical vulnerability has been identified in the PyPI-distributed version of PLY (Python Lex-Yacc) 3.11, allowing arbitrary code execution through unsafe deserialization of untrusted pickle files. ...
-
CybersecurityNews
Multiple Vulnerabilities in React Server Components Enable DoS Attacks
Multiple critical security vulnerabilities have recently been disclosed in React Server Components, enabling threat actors to launch Denial-of-Service (DoS) attacks against vulnerable servers. The fla ...
-
security.nl
Microsoft rolt noodpatch uit voor actief aangevallen kwetsbaarheid in Office
Microsoft heeft een noodpatch uitgerold voor een actief aangevallen kwetsbaarheid in Office waardoor aanvallers beveiligingsfuncties lokaal kunnen omzeilen, wat in het ergste geval tot het uitvoeren v ...
-
The Hacker News
Microsoft Office Zero-Day (CVE-2026-21509) - Emergency Patch Issued for Active Exploitation
Microsoft on Monday issued out-of-band security patches for a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The vulnerability, tracked as CVE-2026-21509, carries a CVSS s ...
-
seclists.org
Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)
Full Disclosure mailing list archives From: Yuffie Kisaragi via Fulldisclosure <fulldisclosure () seclists org> Date: Tue, 20 Jan 2026 17:13:27 +0000 Dear Art, Thank you for sharing your detailed eval ...
-
seclists.org
Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)
Full Disclosure mailing list archives From: Marco Ermini via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 23 Jan 2026 18:41:47 +0000 Hello everyone, Kindly let me introduce myself. This ...