CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oct 06, 2025Ravie LakshmananVulnerability / Threat Intelligence Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in ...
-
CybersecurityNews
Hackers Exploit Zimbra Vulnerability as 0-Day with Weaponized iCalendar Files
A zero-day vulnerability in the Zimbra Collaboration Suite (ZCS) was actively exploited in targeted attacks earlier in 2025. The flaw, identified as CVE-2025-27915, is a stored cross-site scripting (X ...
-
Daily CyberSecurity
Unity Flaw CVE-2025-59489 Allows Local Code Execution in Millions of Games
A serious vulnerability in the Unity Runtime, tracked as CVE-2025-59489 (CVSS 8.4), has been discovered by security researcher RyotaK (@ryotkak) from GMO Flatt Security Inc., potentially exposing mill ...
-
Daily CyberSecurity
Qualcomm Antitrust Trial Begins: UK Consumer Group Seeks £480 Million for Inflated Smartphone Prices
Qualcomm is once again facing legal action — but this time, the lawsuit does not come from Arm or other industry players. Instead, it has been filed by the UK consumer advocacy group Which?, which acc ...
-
BleepingComputer
Oracle patches EBS zero-day exploited in Clop data theft attacks
Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively expl ...
-
Daily CyberSecurity
CVE-2025-27237: Zabbix Agent Flaw Allows Local Privilege Escalation via OpenSSL DLL Injection
A newly disclosed vulnerability in the Zabbix Agent and Agent 2 for Windows could allow local attackers to gain elevated privileges by exploiting a DLL injection flaw in the software’s OpenSSL configu ...
-
Daily CyberSecurity
RCE Flaw CVE-2025-10547 in DrayTek Vigor Routers Allows Unauthenticated Root Access
A newly disclosed vulnerability in DrayTek’s Vigor routers, tracked as CVE-2025-10547, could allow remote attackers to execute arbitrary code and gain full control of affected devices. The flaw, rated ...
-
Daily CyberSecurity
CVE-2025-61882 (CVSS 9.8): Critical RCE Flaw in Oracle E-Business Suite
Oracle has issued an emergency Security Alert addressing a critical vulnerability (CVE-2025-61882) in Oracle E-Business Suite, warning that the flaw can be remotely exploited without authentication to ...
-
Daily CyberSecurity
WhatsApp Worm: New SORVEPOTEL Malware Hijacks Sessions to Spread Aggressively Across Brazil
A new malware campaign uncovered by Trend Micro’s Threat Research team has weaponized WhatsApp to launch one of the most aggressive self-propagating malware outbreaks seen in recent months. The campai ...
-
Daily CyberSecurity
QNAP Fixes High-Severity Flaws: NetBak Replicator RCE and SQL Injection in Qsync Central
QNAP has issued a new security advisory addressing multiple vulnerabilities in two of its widely used utilities—NetBak Replicator and Qsync Central—that could allow attackers to execute unauthorized c ...