CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Edge of Disaster: Critical 9.8 CVSS Flaw in Oracle Cloud Infrastructure Toolkit Allows Complete Takeover
A critical vulnerability has been identified in a key component of Oracle’s open-source portfolio, potentially handing the keys to edge cloud environments over to unauthenticated attackers. The flaw, ...
-
Proofpoint
CursorJack: weaponizing Deeplinks to exploit Cursor IDE
Author’s Note: This post reflects Proofpoint Threat Research observations in a controlled test environment as of January 19, 2026. Proofpoint has no commercial, customer, partner, or vendor relationsh ...
-
CybersecurityNews
Iranian Cyber Ops Maintain US Network Footholds, Target Cameras for Regional Surveillance
Iran’s cyber operations took a sharp turn in early 2026, with state-linked threat actors quietly embedding themselves inside US and Canadian networks while also targeting internet-connected surveillan ...
-
The Hacker News
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries. I ...
-
Daily CyberSecurity
Critical Spring AI Flaws Expose Databases to SQL and JSONPath Injection
Security researchers have issued a dual-threat alert for developers utilizing the Spring AI framework, a popular tool for integrating Artificial Intelligence into Java applications. Two high-severity ...
-
CybersecurityNews
Angular XSS Vulnerability Exposes Thousands of web Applications to XSS Attacks
Angular XSS Vulnerability Exposes web Applications A high-severity Cross-Site Scripting (XSS) vulnerability has been discovered in the widely used Angular framework. Tracked as CVE-2026-32635 and cate ...
-
Daily CyberSecurity
Publicly Disclosed: Bishop Fox Reveals Critical Pre-Auth SQL Injection in FortiClient EMS
Cybersecurity researchers at Bishop Fox have released a technical deep-dive into a critical vulnerability affecting FortiClient EMS, Fortinet’s centralized management solution for endpoint security. T ...
-
CybersecurityNews
CISA Warns of Wing FTP Server Vulnerability Exploited in Attacks
CISA Warns Wing FTP Server Vulnerability Exploit A high-priority alert has been issued for a critical vulnerability in Wing FTP Server, added to the Known Exploited Vulnerabilities (KEV) catalog on Ma ...
-
Daily CyberSecurity
Instant Hijack: Critical 10.0 CVSS File Browser Flaw Grants Automatic Admin Rights
Security researchers have issued a high-priority alert for users of File Browser, a popular open-source self-hosted cloud storage solution. A critical logic flaw has been discovered in the platform’s ...
-
Daily CyberSecurity
Broken Keys: Critical Authlib Flaws Expose Millions to JWT Forgery and Padding Oracles
Security researchers exposed three critical vulnerabilities in Authlib, the widely used library for building OAuth and OpenID Connect servers. With over 86 million monthly downloads, the flaws in Auth ...