CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Hackers Actively Exploiting Critical BeyondTrust Vulnerability to Deploy VShell and SparkRAT
A critical vulnerability in BeyondTrust’s remote support software is being actively exploited by hackers to deliver dangerous backdoors on compromised systems. The flaw, tracked as CVE-2026-1731, carr ...
-
Daily CyberSecurity
Exploited in the Wild & PoC Disclosed: Emergency Chrome Zero-Day (CVE-2026-2441) Patched
Google has been forced to push emergency updates to billions of users following the discovery of a high-severity, actively exploited vulnerability in its Chrome browser. Marking the first zero-day fla ...
-
CybersecurityNews
Google Issues Emergency Chrome Security Update to Address High-Severity PDFium and V8 Flaws
Google Issues Emergency Chrome Security Update A significant security update for the Chrome Stable Channel to address multiple vulnerabilities, including high-severity flaws affecting the browser’s co ...
-
Daily CyberSecurity
Bypassing the Bouncer: Apache Tomcat Patches SNI & Legacy Protocol Flaws
The Apache Software Foundation has rolled out a trio of security updates for its ubiquitous Apache Tomcat web server environment, addressing vulnerabilities that range from legacy protocol confusion t ...
-
Daily CyberSecurity
The Dev Environment Trap: 128 Million Users at Risk as Top VS Code Extensions Unmask Critical Flaws
Ubiquitous extensions for Visual Studio Code, boasting a cumulative download count exceeding 128 million, have been unmasked as susceptible to exploits involving local file exfiltration and remote cod ...
-
Daily CyberSecurity
PoC Publicly Disclosed: Critical Grandstream VoIP Flaw (CVSS 9.3) Grants Stealthy Root Access
If your office desks are equipped with Grandstream GXP1600 series phones, you might want to pause the hold music and update your firmware immediately. A severe zero-day vulnerability has been uncovere ...
-
Daily CyberSecurity
CVE-2025-65717: Critical Vulnerability in VS Code’s Live Server Extension Puts 72 Million Developers at Risk, No Patch
Attack Flow | Image: OX Security A wildly popular tool designed to make web development easier is currently harboring a massive security blind spot. Researchers at OX Security have unearthed a severe ...
-
CybersecurityNews
Splunk Enterprise for Windows Vulnerability Let Attackers Hijack DLLs and Gain SYSTEM Access
Splunk Enterprise for Windows Vulnerability Splunk has disclosed a high-severity vulnerability in Splunk Enterprise for Windows that allows a low-privileged local user to escalate their privileges to ...
-
Zero Day Initiative
CVE-2026-20841: Arbitrary Code Execution in the Windows Notepad
A remote code execution vulnerability has been reported in Microsoft Windows Notepad. The vulnerability is due to improper validation of links in Markdown files. A remote attacker could exploit this v ...
-
The Hacker News
Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center
Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges. Windows Admin Center is a locally deployed, browser-based managem ...