CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Apple Zero-Day (CVE-2026-20700) Exploited in the Wild
Apple has issued an emergency security update for its entire mobile ecosystem, racing to close a critical zero-day vulnerability that is currently being used in what the company describes as an “extre ...
-
TheCyberThrone
Critical SQL Injection in FortiClientEMS: CVE-2026-21643
February 12, 2026CVE-2026-21643 is a critical SQL injection vulnerability affecting Fortinet FortiClientEMS version 7.4.4, enabling unauthenticated attackers to execute arbitrary code via crafted HTTP ...
-
Daily CyberSecurity
CVE-2026-26007: Python Cryptography Flaw (CVSS 8.2) Leaks Private Keys
A high-severity vulnerability has been discovered in the cryptography Python package, one of the most widely used libraries for securing modern applications. The flaw, tracked as CVE-2026-26007, carri ...
-
Daily CyberSecurity
The Rise of Vibecoding: AI-Generated Malware Exploits React2Shell
A new class of cyberattack has been caught in the wild, one where the code isn’t written by a human hand, but generated entirely by artificial intelligence. Darktrace has released a report detailing a ...
-
Daily CyberSecurity
CVE-2026-25993: Critical EverShop SQL Injection (CVSS 9.3) Exposes Stores
A critical vulnerability has been discovered in EverShop, a modern, developer-focused e-commerce platform built on React and GraphQL. The flaw, tracked as CVE-2026-25993, is a “Second-Order SQL Inject ...
-
Daily CyberSecurity
Excel Trap: New Phishing Campaign Deploys Fileless XWorm RAT
Overview of the XWorm phishing campaign infection chain | Image: Fortinet A new phishing campaign is exploiting an old vulnerability, using malicious Excel files to deploy the potent XWorm Remote Acce ...
-
Daily CyberSecurity
5G Core Breach: Critical HPE Aruba Flaw Allows Unauthenticated Admin Takeover
HPE Aruba Networking has issued a critical security alert for its Private 5G Core platform, rushing to patch a cluster of vulnerabilities that could allow attackers to bypass authentication and seize ...
-
CybersecurityNews
Massive Spike in Attacks Exploiting Ivanti EPMM Systems 0-day Vulnerability
Ivanti EPMM 0-day Vulnerability Exploited An unprecedented surge in exploitation attempts targeting CVE-2026-1281, a critical vulnerability in Ivanti Endpoint Manager Mobile (EPMM). On February 9, 202 ...
-
CybersecurityNews
Critical SandboxJS Vulnerability Allows Remote Host Takeover – PoC Released
SandboxJS Vulnerability PoC Released A severe sandbox escape vulnerability has been discovered in the JavaScript library, enabling attackers to execute arbitrary code on host systems. The flaw, tracke ...
-
CybersecurityNews
Critical UUID Flaw in Fiber v2 on Go 1.24+ Enables Session Hijacking, CSRF Bypass, and Zero-ID DoS Risk
UUID Flaw in Fiber v2 on Go A severe vulnerability has been discovered in Fiber v2, a popular Go web framework, that could allow attackers to hijack user sessions, bypass security protections, and cau ...