CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Iranian Cyber Ops Maintain US Network Footholds, Target Cameras for Regional Surveillance
Iran’s cyber operations took a sharp turn in early 2026, with state-linked threat actors quietly embedding themselves inside US and Canadian networks while also targeting internet-connected surveillan ...
-
The Hacker News
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries. I ...
-
Daily CyberSecurity
Critical Spring AI Flaws Expose Databases to SQL and JSONPath Injection
Security researchers have issued a dual-threat alert for developers utilizing the Spring AI framework, a popular tool for integrating Artificial Intelligence into Java applications. Two high-severity ...
-
CybersecurityNews
Angular XSS Vulnerability Exposes Thousands of web Applications to XSS Attacks
Angular XSS Vulnerability Exposes web Applications A high-severity Cross-Site Scripting (XSS) vulnerability has been discovered in the widely used Angular framework. Tracked as CVE-2026-32635 and cate ...
-
Daily CyberSecurity
Publicly Disclosed: Bishop Fox Reveals Critical Pre-Auth SQL Injection in FortiClient EMS
Cybersecurity researchers at Bishop Fox have released a technical deep-dive into a critical vulnerability affecting FortiClient EMS, Fortinet’s centralized management solution for endpoint security. T ...
-
CybersecurityNews
CISA Warns of Wing FTP Server Vulnerability Exploited in Attacks
CISA Warns Wing FTP Server Vulnerability Exploit A high-priority alert has been issued for a critical vulnerability in Wing FTP Server, added to the Known Exploited Vulnerabilities (KEV) catalog on Ma ...
-
Daily CyberSecurity
Instant Hijack: Critical 10.0 CVSS File Browser Flaw Grants Automatic Admin Rights
Security researchers have issued a high-priority alert for users of File Browser, a popular open-source self-hosted cloud storage solution. A critical logic flaw has been discovered in the platform’s ...
-
Daily CyberSecurity
Broken Keys: Critical Authlib Flaws Expose Millions to JWT Forgery and Padding Oracles
Security researchers exposed three critical vulnerabilities in Authlib, the widely used library for building OAuth and OpenID Connect servers. With over 86 million monthly downloads, the flaws in Auth ...
-
CybersecurityNews
CISA Warns of Chrome 0-Day Vulnerabilities Exploited in Attacks
CISA Warns of Chrome 0-Day Vulnerabilities Exploit An urgent warning regarding two highly critical zero-day vulnerabilities affecting Google Chrome and related products. These flaws have been official ...
-
The Cyber Express
AI-Driven Phishing Campaign Uses Browser Permissions to Harvest Sensitive Data
A new AI-driven phishing campaign, uncovered by Cyble Research & Intelligence Labs (CRIL) demonstrates how attackers are moving beyond traditional credential theft and adopting more invasive, technolo ...