CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Microsoft blames Medusa ransomware affiliates for GoAnywhere exploits while Fortra keeps head buried
Medusa ransomware affiliates are among those exploiting a maximum-severity bug in Fortra's GoAnywhere managed file transfer (MFT) product, according to Microsoft Threat Intelligence. Fortra disclosed ... Read more
-
BleepingComputer
Microsoft: Critical GoAnywhere bug exploited in ransomware attacks
A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware attacks for nearly a month. Tracked as CVE-2025-10035, this ... Read more
-
The Register
Level-10 vuln lurking in Redis source code for 13 years could allow remote code execution
A 13-year-old critical flaw in Redis servers, rated a perfect 10 out of 10 in severity, can let an authenticated user trigger remote code execution. For anyone using Redis Cloud, the service has alrea ... Read more
-
BleepingComputer
Redis warns of critical flaw impacting thousands of instances
The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances. Redis (short for Remote ... Read more
-
BleepingComputer
Steam and Microsoft warn of Unity flaw exposing gamers to attacks
A code execution vulnerability in the Unity game engine could be exploited to achieve code execution on Android and privilege escalation on Windows. Unity is a cross-platform game engine and developme ... Read more
-
security.nl
'Nederland telt 800 Cisco-firewalls met actief aangevallen kwetsbaarheden'
Nederland telt zo'n achthonderd Cisco-firewalls met actief aangevallen kwetsbaarheden waarvoor beveiligingsupdates beschikbaar zijn. Dat meldt The Shadowserver Foundation op basis van een online scan. ... Read more
-
CybersecurityNews
NCSC Warns of Oracle E-Business Suite 0-Day Vulnerability Actively Exploited in Attacks
NCSC has issued an urgent warning regarding a critical zero-day flaw in Oracle E-Business Suite (EBS) that is currently being exploited in the wild. Tracked as CVE-2025-61882, the vulnerability reside ... Read more
-
The Cyber Express
Critical Zero-Day in Oracle E-Business Suite Prompts Urgent Security Updates
Oracle has issued a security alert warning users of a zero-day vulnerability in its widely used Oracle E-Business Suite. Tracked as CVE-2025-61882, this flaw allows unauthenticated, remote attackers t ... Read more
-
CybersecurityNews
Zabbix Agent and Agent 2 for Windows Vulnerability Let Attackers Escalate Privileges
A critical security vulnerability has been discovered in Zabbix Agent and Agent 2 for Windows that allows attackers with local system access to escalate their privileges through DLL injection attacks. ... Read more
-
The Hacker News
⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field. This recap cuts through the noise to share ... Read more