CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Critical SandboxJS Vulnerability Allows Remote Host Takeover – PoC Released
SandboxJS Vulnerability PoC Released A severe sandbox escape vulnerability has been discovered in the JavaScript library, enabling attackers to execute arbitrary code on host systems. The flaw, tracke ...
-
CybersecurityNews
Critical UUID Flaw in Fiber v2 on Go 1.24+ Enables Session Hijacking, CSRF Bypass, and Zero-ID DoS Risk
UUID Flaw in Fiber v2 on Go A severe vulnerability has been discovered in Fiber v2, a popular Go web framework, that could allow attackers to hijack user sessions, bypass security protections, and cau ...
-
The Register
Were telcos tipped off to *that* ancient Telnet bug? Cyber pros say the signs stack up
Telcos likely received advance warning about January's critical Telnet vulnerability before its public disclosure, according to threat intelligence biz GreyNoise. Global Telnet traffic "fell off a cli ...
-
0patch.com
Micropatches released for Windows Telephony Service Elevation of Privilege Vulnerability (CVE-2024-43626)
Our new CVE tracking app has been working hard these days, finding things our poor human eyes were unable or too tired to see. In this case, it alerted us about a vulnerability that was described in a ...
-
Help Net Security
Ivanti EPMM exploitation: Researchers warn of “sleeper” webshells
A massive wave of exploitation attempts has followed the disclosure of CVE-2026-1281, a critical pre-authentication Ivanti EPMM vulnerability, the Shadowserver Foundation has warned. Some of it is aut ...
-
CybersecurityNews
MSHTML Framework 0-Day Vulnerability Let Attackers Security Feature over Network
MSHTML Framework 0-Day Vulnerability Microsoft has released an urgent security patch for a critical zero-day vulnerability (CVE-2026-21513) affecting the MSHTML Framework, which was actively exploited ...
-
The Hacker News
Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms
It's Patch Tuesday, which means a number of software vendors have released patches for various security vulnerabilities impacting their products and services. Microsoft issued fixes for 59 flaws, incl ...
-
CybersecurityNews
Microsoft Office Word 0-day Vulnerability Actively Exploited in the Wild
Microsoft Office Word 0-day Vulnerability A critical zero-day vulnerability in Microsoft Word, tracked as CVE-2026-21514, was disclosed on February 10, 2026, allowing attackers to bypass essential sec ...
-
CybersecurityNews
Desktop Window Manager 0-Day Vulnerability Allows Attacker to Elevate Privileges
Desktop Window Manager 0-Day Vulnerability Microsoft has released urgent security updates to address a critical zero-day vulnerability in the Windows Desktop Window Manager (DWM). Tracked as CVE-2026- ...
-
Help Net Security
Microsoft Patch Tuesday: 6 exploited zero-days fixed in February 2026
Microsoft has plugged 50+ security holes on February 2026 Patch Tuesday, including six zero-day vulnerabilities exploited by attackers in the wild. The “security feature bypass” zero-days Among the ze ...