CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
Critical Oracle Identity Manager Vulnerability Added to CISA KEV Catalog
November 22, 2025CISA officially added a critical vulnerability, CVE-2025-61757, to its Known Exploited Vulnerabilities (KEV) catalog, underscoring the urgent need for organizations using Oracle Ident ...
-
security.nl
VS meldt actief misbruik van kritiek RCE-lek in Oracle Identity Manager
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in Oracle Identity Manager, zo laat het Amerikaanse cyberagentschap CISA weten. Gisteren verscheen er berichtgeving dat het beveiligings ...
-
The Hacker News
Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks
Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control (C2) platform called Matrix Push C2. "This browser- ...
-
The Hacker News
CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability
Nov 22, 2025Ravie LakshmananZero-Day / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting Oracle Identity Manager t ...
-
CybersecurityNews
Metasploit Adds Exploit Module for Recently Disclosed FortiWeb 0-Day Vulnerabilities
The Metasploit Framework has introduced a new exploit module targeting critical vulnerabilities in Fortinet’s FortiWeb Web Application Firewall (WAF). This module chains two recently disclosed flaws, ...
-
TheCyberThrone
SolarWinds Serv-U Critical Vulnerabilities
In November 2025, SolarWinds released an urgent security patch addressing a trio of critical remote code execution (RCE) vulnerabilities in its widely used Serv-U managed file transfer software. These ...
-
Daily CyberSecurity
SonicWall Patches Two Vulnerabilities in Email Security Appliances, Including Code Execution Flaw (CVE-2025-40604)
SonicWall has released security updates addressing two vulnerabilities in its Email Security appliances, including one that could allow persistent arbitrary code execution if exploited. The flaws—CVE- ...
-
BleepingComputer
CISA warns Oracle Identity Manager RCE flaw is being actively exploited
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in attacks, potentia ...
-
CrowdStrike.com
November 2025 Patch Tuesday: One Zero-Day and Five Critical Vulnerabilities Among 63 CVEs
Microsoft has addressed 63 vulnerabilities in its November 2025 security update release, almost one third from October's record-breaking 172 patches. This month's updates address one actively exploite ...
-
CrowdStrike.com
CrowdStrike Named Overall Leader in 2025 KuppingerCole ITDR Leadership Compass
KuppingerCole recognizes CrowdStrike as the Overall Leader, achieving the top position in every evaluated category in its 2025 identity security report. CrowdStrike has been named the Overall Leader i ...