CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Critical FluentBit Vulnerabilities Let Attackers to Cloud Environments Remotely
A new chain of five critical vulnerabilities discovered in Fluent Bit has exposed billions of containerized environments to remote compromise. Fluent Bit, an open-source logging and telemetry agent de ...
-
The Register
Clop's Oracle EBS rampage reaches Dartmouth College
Dartmouth College has confirmed it's the latest victim of Clop's Oracle E-Business Suite (EBS) smash-and-grab. According to a breach notification filed with Maine's attorney general, the New Hampshire ...
-
hackread.com
Update Firefox to Patch CVE-2025-13016 Vulnerability Affecting 180 Million Users
AI security firm AISLE recently discovered a serious vulnerability in the Firefox web browser that went unnoticed for six months. This flaw could have let attackers run their own instructions on a use ...
-
The Cyber Express
Apache Syncope Passwords at Risk from Newly Disclosed CVE-2025-65998
A critical security flaw has been uncovered in Apache Syncope, the widely used open-source identity management system, potentially putting organizations at risk of exposing sensitive password informat ...
-
The Hacker News
ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens
Nov 25, 2025Ravie LakshmananMalware / Vulnerability The threat actor known as ToddyCat has been observed adopting new methods to obtain access to corporate email data belonging to target companies, ...
-
security.nl
'Honderden kwetsbare Monsta FTP-clients toegankelijk vanaf internet'
Honderden Monsta FTP-clients die vanaf het internet toegankelijk zijn bevatten een kritieke kwetsbaarheid waardoor ongeauthenticeerde aanvallers op afstand code op systemen kunnen uitvoeren. Dat laat ...
-
BleepingComputer
Dartmouth College confirms data breach after Clop extortion attack
Dartmouth College has disclosed a data breach after the Clop extortion gang leaked data allegedly stolen from the school's Oracle E-Business Suite servers on its dark web leak site. The private Ivy L ...
-
CybersecurityNews
Canon Allegedly Breached by Clop Ransomware via Oracle E-Business Suite 0-Day Hack
Canon has officially confirmed that it was targeted during the widespread hacking campaign exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, orchestrated by th ...
-
CybersecurityNews
HashiCorp Vault Vulnerability Allow Attackers to Authenticate to Vault Without Valid Credentials
A critical security flaw has been discovered in HashiCorp’s Vault Terraform Provider that could allow attackers to bypass authentication and access Vault without valid credentials. The vulnerability, ...
-
The Hacker News
CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users
Nov 25, 2025Ravie LakshmananSpyware / Mobile Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday issued an alert warning of bad actors actively leveraging commercial ...