CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Sleeping with the Enemy: Dormant Backdoors Found in Ivanti EPMM
A stealthy new cyber espionage campaign is targeting Ivanti Endpoint Manager Mobile (EPMM), but unlike typical ransomware gangs that smash and grab, these attackers are planting seeds and walking away ...
-
Daily CyberSecurity
Sandbox Breakout: Critical SandboxJS Flaw (CVE-2026-25881) Allows Host Takeover
A critical vulnerability has been discovered in SandboxJS, a popular library designed to safely execute untrusted JavaScript code. The flaw, tracked as CVE-2026-25881, allows malicious code to escape ...
-
Daily CyberSecurity
Factory Flaw: Critical WAGO Switch Vulnerabilities (CVSS 9.8) Allow Remote Takeover
A cluster of critical vulnerabilities has been discovered in WAGO’s 852 series Industrial Managed Switches, leaving operational technology (OT) networks exposed to remote takeover. In a new security a ...
-
Daily CyberSecurity
CVE-2026-23906: Authentication Bypass Flaw Hits Apache Druid Analytics Clusters
The Apache Software Foundation has released a security update for Apache Druid, the high-performance real-time analytics database, to fix a glaring hole in its authentication logic. Tracked as CVE-202 ...
-
Daily CyberSecurity
Handshake Halt: GnuTLS 3.8.12 Fixes TLS 1.3 Crash & CPU Exhaustion
The maintainers of GnuTLS, a core library used by countless applications to secure network communications, have released a vital update to address two denial-of-service (DoS) vulnerabilities. Released ...
-
Daily CyberSecurity
CVE-2026-24343: Apache HertzBeat Flaw Opens Door to Resource Exhaustion
The Apache Software Foundation has issued a security advisory for HertzBeat, its AI-powered real-time observability platform, warning of a vulnerability that could allow attackers to overwhelm the sys ...
-
The Register
Microsoft's Valentine's gift to admins: 6 exploited zero-day fixes
What better way to say I love you than with an update? Attackers exploited a whopping six Microsoft bugs as zero-days prior to Redmond releasing software fixes on February's Patch Tuesday. For compari ...
-
Zero Day Initiative
The February 2026 Security Update Review
I have survived the biggest Pwn2Own ever, but I’m back in Tokyo for the second Patch Tuesday of 2026. My location never stops Patch Tuesday from coming, so let’s take a look at the latest security pat ...
-
CybersecurityNews
Microsoft Patch Tuesday February 2026 – 54 Vulnerabilities Fixed, Including 6 Zero-days
Microsoft Patch Tuesday February 2026 Microsoft released its February 2026 Patch Tuesday updates on February 10, addressing 54 vulnerabilities, including six zero-days across Windows, Office, Azure, a ...
-
CybersecurityNews
FortiSandbox XSS Vulnerability Let Attackers Run Arbitrary Commands
FortiSandbox XSS Vulnerability Fortinet has disclosed a high-severity cross-site scripting (XSS) vulnerability in its FortiSandbox platform, tracked as CVE-2025-52436 (FG-IR-25-093), that enables unau ...