CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
October 2025 Patch Tuesday: Two Publicly Disclosed, Three Zero-Days, and Eight Critical Vulnerabilities Among 172 CVEs
Microsoft has addressed 172 vulnerabilities in its October 2025 security update release, marking the highest number of vulnerabilities patched in a single month this year. This month's patches address ... Read more
-
CrowdStrike.com
Falcon Defends Against Git Vulnerability CVE-2025-48384
CrowdStrike has identified active exploitation of Git vulnerability CVE-2025-48384. In the observed activity, threat actors combined sophisticated social engineering tactics with malicious Git reposit ... Read more
-
CrowdStrike.com
How Falcon Exposure Management’s ExPRT.AI Predicts What Attackers Will Exploit
Nearly 40,000 vulnerabilities were disclosed in 2024.1 Security teams are overwhelmed, especially those relying on outdated tools. ExPRT.AI, the native intelligence engine embedded in CrowdStrike Falc ... Read more
-
Daily CyberSecurity
Chrome Update: New High-Severity Flaw in V8 Engine (CVE-2025-12036) Requires Immediate Patch
Google has released a Stable Channel update (version 141.0.7390.122/.123) for Windows, Mac, and Linux, addressing a high-severity vulnerability in the V8 JavaScript engine — the core component respons ... Read more
-
Daily CyberSecurity
Critical Sauter AG Flaw (CVE-2025-41723, CVSS 9.8) Allows Unauthenticated File Upload via SOAP Interface
Swiss building automation manufacturer Sauter AG has disclosed six vulnerabilities in the embedded firmware of its modulo 6 devices, warning that attackers could exploit these flaws to gain remote con ... Read more
-
Daily CyberSecurity
Critical ABB Flaw (CVE-2025-9574, CVSS 9.9) Exposes EoL Load Controllers to Unauthenticated Admin Access
Industrial automation giant ABB has disclosed a critical missing authentication vulnerability (CVE-2025-9574) affecting its ALS-mini-S4/S8 IP intelligent load controllers, which are deployed in energy ... Read more
-
Daily CyberSecurity
Bitter APT Attacks China/Pakistan with WinRAR Zero-Day and New C# Backdoor via Office Macro
Image: Qianxin China-based cybersecurity firm Qianxin Threat Intelligence Center has uncovered a new wave of attacks linked to the Bitter APT group (APT-Q-37), also known as 蔓灵花. The group—widely beli ... Read more
-
Daily CyberSecurity
WSO2 Fixes Two Critical Access Control Vulnerabilities (CVE-2025-9804, CVE-2025-10611) Affecting API Manager and Identity Server
The WSO2 project has released urgent security advisories addressing two critical access control vulnerabilities—CVE-2025-9804 and CVE-2025-10611—that affect multiple enterprise products, including API ... Read more
-
CrowdStrike.com
October 2025 Patch Tuesday: Two Publicly Disclosed, Three Zero-Days, and Eight Critical Vulnerabilities Among 172 CVEs
Microsoft has addressed 172 vulnerabilities in its October 2025 security update release, marking the highest number of vulnerabilities patched in a single month this year. This month's patches address ... Read more
-
CrowdStrike.com
Falcon Defends Against Git Vulnerability CVE-2025-48384
CrowdStrike has identified active exploitation of Git vulnerability CVE-2025-48384. In the observed activity, threat actors combined sophisticated social engineering tactics with malicious Git reposit ... Read more