CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
Apple on Tuesday released its first round of Background Security Improvements to address a security flaw in WebKit that affects iOS, iPadOS, and macOS. The vulnerability, tracked as CVE-2026-20643 (CV ...
-
The Hacker News
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary ...
-
TheCyberThrone
OpenClaw: The Open-Source AI Agent Rewriting the Threat Landscape
What Is OpenClaw?OpenClaw — previously known as Clawdbot (launched November 2025) and then renamed Moltbot after trademark disputes — is an open-source, self-hosted autonomous private AI agent that ru ...
-
Daily CyberSecurity
Edge of Disaster: Critical 9.8 CVSS Flaw in Oracle Cloud Infrastructure Toolkit Allows Complete Takeover
A critical vulnerability has been identified in a key component of Oracle’s open-source portfolio, potentially handing the keys to edge cloud environments over to unauthenticated attackers. The flaw, ...
-
Proofpoint
CursorJack: weaponizing Deeplinks to exploit Cursor IDE
Author’s Note: This post reflects Proofpoint Threat Research observations in a controlled test environment as of January 19, 2026. Proofpoint has no commercial, customer, partner, or vendor relationsh ...
-
CybersecurityNews
Iranian Cyber Ops Maintain US Network Footholds, Target Cameras for Regional Surveillance
Iran’s cyber operations took a sharp turn in early 2026, with state-linked threat actors quietly embedding themselves inside US and Canadian networks while also targeting internet-connected surveillan ...
-
The Hacker News
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries. I ...
-
Daily CyberSecurity
Critical Spring AI Flaws Expose Databases to SQL and JSONPath Injection
Security researchers have issued a dual-threat alert for developers utilizing the Spring AI framework, a popular tool for integrating Artificial Intelligence into Java applications. Two high-severity ...
-
CybersecurityNews
Angular XSS Vulnerability Exposes Thousands of web Applications to XSS Attacks
Angular XSS Vulnerability Exposes web Applications A high-severity Cross-Site Scripting (XSS) vulnerability has been discovered in the widely used Angular framework. Tracked as CVE-2026-32635 and cate ...
-
Daily CyberSecurity
Publicly Disclosed: Bishop Fox Reveals Critical Pre-Auth SQL Injection in FortiClient EMS
Cybersecurity researchers at Bishop Fox have released a technical deep-dive into a critical vulnerability affecting FortiClient EMS, Fortinet’s centralized management solution for endpoint security. T ...