CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
Help Net Security
October 2025 Patch Tuesday forecast: The end of a decade with Microsoft
A lot of classic software is reaching end-of-life (EOL) this month. Windows 10, Office 2016 and Exchange Server 2016 have survived after nearly a decade of service. Not far behind, after six years in ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
CybersecurityNews
7-Zip Vulnerabilities Allows Remote Attackers to Execute Arbitrary Code
Two high-severity vulnerabilities have been discovered in the popular open-source file archiver, 7-Zip, which could allow remote attackers to execute arbitrary code. Identified as CVE-2025-11001 and C ... Read more
-
Daily CyberSecurity
Gemini Nano Block: Google Locks On-Device AI Access for Smartphones with Unlocked Bootloaders
For certain advanced users and developers, unlocking the Android operating system on their smartphones is a common practice. Once unlocked, it grants elevated privileges and access to deeper system fu ... Read more
-
Daily CyberSecurity
CL0P Extortion: Google/Mandiant Expose Zero-Day RCE in Oracle E-Business Suite (CVE-2025-61882)
Google Threat Intelligence Group (GTIG) and Mandiant have jointly disclosed an extensive data theft and extortion campaign targeting Oracle E-Business Suite (EBS) environments, linked to threat actors ... Read more
-
Daily CyberSecurity
Exploited Zero-Day: Gladinet/Triofox Flaw CVE-2025-11371 Allows RCE via LFI
Huntress has sounded the alarm over active exploitation of a newly discovered Local File Inclusion (LFI) vulnerability in Gladinet CentreStack and Triofox software, tracked as CVE-2025-11371 (CVSS 6.1 ... Read more
-
Daily CyberSecurity
NVIDIA GPU Driver Patches Multiple High-Severity Flaws Risking RCE and Privilege Escalation
NVIDIA has released an important software security update for its GPU Display Driver, addressing multiple vulnerabilities that could lead to code execution, privilege escalation, data tampering, or de ... Read more
-
Daily CyberSecurity
RondoDox Botnet Unleashed: New Malware Uses ‘Exploit Shotgun’ to Target 50+ Router and IoT Flaws
Trend Micro has uncovered a rapidly expanding botnet campaign dubbed RondoDox, which is targeting a wide spectrum of internet-exposed devices — from routers and DVRs to CCTV systems and industrial net ... Read more
-
Daily CyberSecurity
DFIR Tool Hijacked: Ransomware Group Storm-2603 Abuses Velociraptor for Stealthy LockBit/Babuk Attacks
Cisco Talos has confirmed that ransomware operators are now abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in live ransomware campaigns. “Ransomware operator ... Read more