CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Critical FortiClient SQL Injection Vulnerability Enables Arbitrary Database Access
FortiClient SQL Injection vulnerability A critical SQL injection vulnerability in Fortinet’s FortiClient Endpoint Management Server (EMS). Tracked as CVE-2026-21643, this severe flaw carries a CVSS sc ...
-
Daily CyberSecurity
New Ubuntu Vulnerability Turns System Cleanup into a Root Access Backdoor
The Qualys Threat Research Unit has detailed a new Local Privilege Escalation (LPE) vulnerability, tracked as CVE-2026-3888, which affects default installations of Ubuntu Desktop 24.04 and later.The v ...
-
Help Net Security
Cybercriminals scale up, government sector hit hardest
Government agencies faced the highest volume of cyberattack campaigns in 2025, according to new findings from HPE Threat Labs, which tracked 1,186 active campaigns over the course of the year. The dat ...
-
CybersecurityNews
Ubuntu Desktop Systems Vulnerability Enables Attackers to Gain Full Root Access
Ubuntu Desktop Systems Vulnerability A Local Privilege Escalation (LPE) vulnerability in default installations of Ubuntu Desktop 24.04 and later allows an unprivileged local attacker to gain full root ...
-
The Hacker News
Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
Apple on Tuesday released its first round of Background Security Improvements to address a security flaw in WebKit that affects iOS, iPadOS, and macOS. The vulnerability, tracked as CVE-2026-20643 (CV ...
-
The Hacker News
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary ...
-
TheCyberThrone
OpenClaw: The Open-Source AI Agent Rewriting the Threat Landscape
What Is OpenClaw?OpenClaw — previously known as Clawdbot (launched November 2025) and then renamed Moltbot after trademark disputes — is an open-source, self-hosted autonomous private AI agent that ru ...
-
Daily CyberSecurity
Edge of Disaster: Critical 9.8 CVSS Flaw in Oracle Cloud Infrastructure Toolkit Allows Complete Takeover
A critical vulnerability has been identified in a key component of Oracle’s open-source portfolio, potentially handing the keys to edge cloud environments over to unauthenticated attackers. The flaw, ...
-
Proofpoint
CursorJack: weaponizing Deeplinks to exploit Cursor IDE
Author’s Note: This post reflects Proofpoint Threat Research observations in a controlled test environment as of January 19, 2026. Proofpoint has no commercial, customer, partner, or vendor relationsh ...
-
CybersecurityNews
Iranian Cyber Ops Maintain US Network Footholds, Target Cameras for Regional Surveillance
Iran’s cyber operations took a sharp turn in early 2026, with state-linked threat actors quietly embedding themselves inside US and Canadian networks while also targeting internet-connected surveillan ...