CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Code Red: 4 Critical SandboxJS Flaws (CVSS 10.0) Allow Host Takeover
A quartet of critical vulnerabilities has been discovered in SandboxJS, a library designed to isolate and secure JavaScript execution. The flaws, tracked as CVE-2026-25520, CVE-2026-25586, CVE-2026-25 ...
-
Daily CyberSecurity
The “All-in-One” Spy: DKnife Malware Hijacks Routers to Swap Downloads
Functions of seven DKnife components | Image: Cisco Talos A powerful new cyber weapon has been discovered lurking in routers and edge devices, capable of monitoring traffic, hijacking downloads, and d ...
-
Daily CyberSecurity
“JackMa” & ShadowGuard: TGR-STA-1030 Spies on 37 Nations via Linux Rootkit
Countries targeted by TGR-STA-1030 reconnaissance between November and December 2025 | Image: Unit 42 A massive, state-aligned cyber espionage campaign has quietly infiltrated government networks acro ...
-
Daily CyberSecurity
CVE-2026-1731: Critical BeyondTrust Flaw (CVSS 9.9) Allows Pre-Auth RCE
BeyondTrust has issued a critical security alert for its popular remote access solutions, warning of a near-maximum severity vulnerability that could allow hackers to seize control of systems without ...
-
Daily CyberSecurity
CVE-2026-25526: Critical Jinjava Flaw (CVSS 9.8) Permits Remote Code Execution
A massive hole has been found in the walls of Jinjava, the popular Java-based template engine used to power thousands of websites on the HubSpot CMS. Tracked as CVE-2026-25526, this critical vulnerabi ...
-
Daily CyberSecurity
CVE-2025-62878: Critical 10.0 Vulnerability Found in Kubernetes Local Path Provisioner
A maximum-severity vulnerability has been uncovered in a core Kubernetes storage component, leaving nodes wide open to unauthorized file manipulation. The SUSE Rancher Security team has issued an urge ...
-
Daily CyberSecurity
APT28 Weaponizes Office Flaw to Spy on NATO & Military
The notorious Russian state-sponsored group APT28 (also known as Fancy Bear) has launched a sophisticated new espionage campaign, striking European military and government targets within just 24 hours ...
-
The Register
Telcos aren't saying how they fought back against China's Salt Typhoon attacks
Infosec In Brief So-hot-right-now AI assistant OpenClaw, which is very much not secure right now, has teamed up with security scanning service VirusTotal. The tie-up means “skills” in the ClawHub – cu ...
-
CybersecurityNews
Cybersecurity Weekly Newsletter – Notepad++ hack, Office 0-Day, ESXi 0-day Ransomware Attacks and More
Cybersecurity Newsletter Weekly February Welcome to this week’s pulse on the cyber threat landscape, where vulnerabilities strike fast, and defenders must move faster. Notepad++ users face a supply-ch ...
-
Help Net Security
Week in review: Notepad++ supply chain attack details and targets, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Global Threat Map: Open-source real-time situational awareness platform Global Threat Map is an open-s ...