CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Oracle E-Business Suite RCE Vulnerability Exposes Sensitive Data to Hackers Without Authentication
Oracle has disclosed a critical vulnerability in its E-Business Suite that enables unauthenticated attackers to remotely access sensitive data, raising alarms for enterprises relying on the platform f ... Read more
-
Daily CyberSecurity
Oracle Warns of Unauthenticated Vulnerability in E-Business Suite (CVE-2025-61884)
Oracle has issued an emergency Security Alert Advisory for a newly discovered vulnerability affecting Oracle E-Business Suite, tracked as CVE-2025-61884. The flaw, which carries a critical remote expl ... Read more
-
Daily CyberSecurity
Pro-Russian Hacktivist Group TwoNet Exposed for Fabricating Critical Infrastructure Attacks to Boost Reputation
Forescout Research has uncovered a disturbing new tactic among pro-Russian hacktivists — fabricating real-world critical infrastructure attacks to inflate their reputation. In a recent case, a newly f ... Read more
-
Daily CyberSecurity
Critical Cherry Studio Flaw CVE-2025-61929 (CVSS 9.7) Allows One-Click RCE via Custom URL Protocol
A critical security flaw has been discovered in Cherry Studio, a cross-platform desktop client that supports multiple large language model (LLM) providers. Tracked as CVE-2025-61929 and rated CVSS 9.7 ... Read more
-
Daily CyberSecurity
Critical Auth Bypass (CVE-2025-61928) in Better Auth Allows Hackers to Steal User API Keys
A critical authentication bypass vulnerability has been discovered in Better Auth, a popular framework-agnostic authentication and authorization library for TypeScript, used by developers to add secur ... Read more
-
Daily CyberSecurity
Axis Communications Leaks Azure Credentials in Autodesk Plugin Via Hardcoded SAS Tokens
Trend Micro’s Threat Research team has uncovered a serious cloud credential exposure involving Axis Communications, a leading provider of network surveillance and security devices. The issue originate ... Read more
-
Daily CyberSecurity
Massive RDP Botnet Unleashed: 100,000+ IPs in Coordinated Global Scanning Campaign Targeting US
GreyNoise Intelligence has issued an alert about a massive coordinated botnet operation targeting Remote Desktop Protocol (RDP) services across the United States. Since October 8, 2025, researchers ha ... Read more
-
Daily CyberSecurity
Akira Ransomware Revives SonicWall Flaw CVE-2024-40766, Uses ‘UnPAC the Hash’ to Breach Networks
Image: Fortinet Between July and August 2025, global security teams have observed a resurgence in Akira ransomware incidents targeting organizations through SonicWall SSL VPN appliances, marking a ren ... Read more
-
Daily CyberSecurity
Apple Ups Bounty to $5 Million for Zero-Click Spyware Exploits Bypassing Lockdown Mode
Apple has announced a major overhaul of its Security Bounty vulnerability reward program, set to take effect this November, with a substantial increase in payout ceilings—making it one of the most luc ... Read more
-
Daily CyberSecurity
CVE-2025-61927 (CVSS 9.4): Critical RCE Flaw Discovered in Happy DOM, Over 2.7 Million Weekly Downloads Impacted
A critical-severity vulnerability has been disclosed in Happy DOM, a popular JavaScript package used to emulate web browsers for testing, scraping, and server-side rendering (SSR). Tracked as CVE-2025 ... Read more