CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
InfoSec Write-ups
CVE Deep Dive : CVE-2025–32462
6 min readSep 16, 2025Sudo Host Option Bypass — 12-Year-Old Privilege Escalation FlawPublished : Sept 16, 2025 | by : OptExecutive SummaryRisk Level: Low (CVSS 2.8) — However : High Risk in Enterprise ... Read more
-
security.nl
Oracle brengt opnieuw noodpatch uit voor beveiligingslek in E-Business Suite
Oracle heeft opnieuw een noodpatch uitgebracht voor E-Business Suite en roept klanten op om die meteen te installeren. Via de kwetsbaarheid (CVE-2025-61884) kan een ongeauthenticeerde aanvaller op afs ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
CybersecurityNews
Oracle E-Business Suite RCE Vulnerability Exposes Sensitive Data to Hackers Without Authentication
Oracle has disclosed a critical vulnerability in its E-Business Suite that enables unauthenticated attackers to remotely access sensitive data, raising alarms for enterprises relying on the platform f ... Read more
-
Daily CyberSecurity
Oracle Warns of Unauthenticated Vulnerability in E-Business Suite (CVE-2025-61884)
Oracle has issued an emergency Security Alert Advisory for a newly discovered vulnerability affecting Oracle E-Business Suite, tracked as CVE-2025-61884. The flaw, which carries a critical remote expl ... Read more
-
Daily CyberSecurity
Pro-Russian Hacktivist Group TwoNet Exposed for Fabricating Critical Infrastructure Attacks to Boost Reputation
Forescout Research has uncovered a disturbing new tactic among pro-Russian hacktivists — fabricating real-world critical infrastructure attacks to inflate their reputation. In a recent case, a newly f ... Read more
-
Daily CyberSecurity
Critical Cherry Studio Flaw CVE-2025-61929 (CVSS 9.7) Allows One-Click RCE via Custom URL Protocol
A critical security flaw has been discovered in Cherry Studio, a cross-platform desktop client that supports multiple large language model (LLM) providers. Tracked as CVE-2025-61929 and rated CVSS 9.7 ... Read more
-
Daily CyberSecurity
Critical Auth Bypass (CVE-2025-61928) in Better Auth Allows Hackers to Steal User API Keys
A critical authentication bypass vulnerability has been discovered in Better Auth, a popular framework-agnostic authentication and authorization library for TypeScript, used by developers to add secur ... Read more
-
Daily CyberSecurity
Axis Communications Leaks Azure Credentials in Autodesk Plugin Via Hardcoded SAS Tokens
Trend Micro’s Threat Research team has uncovered a serious cloud credential exposure involving Axis Communications, a leading provider of network surveillance and security devices. The issue originate ... Read more
-
Daily CyberSecurity
Massive RDP Botnet Unleashed: 100,000+ IPs in Coordinated Global Scanning Campaign Targeting US
GreyNoise Intelligence has issued an alert about a massive coordinated botnet operation targeting Remote Desktop Protocol (RDP) services across the United States. Since October 8, 2025, researchers ha ... Read more