CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
SonicWall SSLVPN Vulnerability CVE-2025-40601
November 23, 2025A critical vulnerability was discovered affecting SonicWall firewalls’ SSLVPN service, identified as CVE-2025-40601. This stack-based buffer overflow flaw allows unauthenticated remot ...
-
CybersecurityNews
Cybersecurity News Weekly Newsletter – Fortinet, Chrome 0-Day Flaws, Cloudflare Outage and Salesforce Gainsight Breach
Welcome to this week’s edition of the Cybersecurity News Weekly Newsletter, where we analyze the critical incidents defining the current threat landscape. If this week has taught us anything, it is th ...
-
CybersecurityNews
Critical Vulnerability in Azure Bastion Let Attackers Bypass Authentication and Escalate privileges
A critical vulnerability in Azure Bastion (CVE-2025-49752) allows remote attackers to bypass authentication mechanisms and escalate privileges to administrative levels. The flaw, categorized as an aut ...
-
hackread.com
Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update
A vulnerability has been found in the very popular, free file-compressing tool 7-Zip. The flaw, tracked as CVE-2025-11001, has a public exploit, leading to a high-risk warning from the UK’s NHS Englan ...
-
Help Net Security
Week in review: Stealth-patched FortiWeb vulnerability under active exploitation, Logitech data breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The tech that turns supply chains from brittle to unbreakable In this Help Net Security interview, Sev ...
-
TheCyberThrone
Critical Oracle Identity Manager Vulnerability Added to CISA KEV Catalog
November 22, 2025CISA officially added a critical vulnerability, CVE-2025-61757, to its Known Exploited Vulnerabilities (KEV) catalog, underscoring the urgent need for organizations using Oracle Ident ...
-
BleepingComputer
Cox Enterprises discloses Oracle E-Business Suite data breach
Cox Enterprises is notifying impacted individuals of a data breach that exposed their personal data to hackers who breached the company network after exploiting a zero-day flaw in Oracle E-Business Su ...
-
security.nl
VS meldt actief misbruik van kritiek RCE-lek in Oracle Identity Manager
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in Oracle Identity Manager, zo laat het Amerikaanse cyberagentschap CISA weten. Gisteren verscheen er berichtgeving dat het beveiligings ...
-
The Hacker News
Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks
Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control (C2) platform called Matrix Push C2. "This browser- ...
-
The Hacker News
CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability
Nov 22, 2025Ravie LakshmananZero-Day / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting Oracle Identity Manager t ...