CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Cyber Express
Critical CVE-2025-27237 Vulnerability in Zabbix Agent for Windows Enables Privilege Escalation via OpenSSL Misconfiguration
A security vulnerability has been identified in Zabbix Agent and Agent2 for Windows, potentially allowing local users to escalate their privileges to the SYSTEM level. Tracked as CVE-2025-27237, the f ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
Daily CyberSecurity
OpenAI Partners with AMD, Adopting Instinct MI450 GPUs for a 6 GW AI Computing Infrastructure
OpenAI has once again expanded its AI computing empire — this time partnering not with NVIDIA, but with another semiconductor giant, AMD. Under a sweeping new agreement, OpenAI will adopt AMD’s Instin ... Read more
-
Daily CyberSecurity
Qt Fixes Dual Critical Vulnerabilities (CVE-2025-10728 & CVE-2025-10729) in SVG Module
The Qt Group has released a critical security advisory addressing two severe vulnerabilities in the Qt SVG module — tracked as CVE-2025-10728 and CVE-2025-10729 — that could lead to denial of service ... Read more
-
TheCyberThrone
CISA Adds 7 Actively Exploited Vulnerabilities to KEV Catalog
October 7, 2025The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog in October 2025, adding several high-impact vulnerabilities be ... Read more
-
Daily CyberSecurity
Elastic Fixes Multiple High-Severity Vulnerabilities in Kibana and Elasticsearch
Elastic has issued five security advisories addressing five vulnerabilities affecting its Kibana and Elasticsearch components, including three critical Cross-Site Scripting (XSS) issues and two inform ... Read more
-
Daily CyberSecurity
Oracle EBS Zero-Day (CVE-2025-61882) Under Active RCE Exploitation by GRACEFUL SPIDER
CrowdStrike has sounded the alarm on an ongoing mass exploitation campaign targeting Oracle E-Business Suite (EBS) applications through a previously unknown zero-day vulnerability. The flaw, now track ... Read more
-
CybersecurityNews
13-year-old Critical Redis RCE Vulnerability Let Attackers Gain Full Access to Host System
A 13-year-old critical remote code execution (RCE) vulnerability in Redis, dubbed RediShell, allows attackers to gain full access to the underlying host system. The flaw, tracked as CVE-2025-49844, wa ... Read more
-
Daily CyberSecurity
Critical Flaw CVE-2025-59159 (CVSS 9.7) in SillyTavern Allows Full Remote Control of Local AI Instances
The developers of SillyTavern, a popular locally hosted interface for large language models (LLMs) and AI tools, have issued a security advisory warning users of a critical web interface vulnerability ... Read more
-
Daily CyberSecurity
Critical RCE (CVE-2025-10035) in GoAnywhere MFT Used by Medusa Ransomware Group
Microsoft Threat Intelligence has issued a warning following the discovery of active exploitation of a newly disclosed critical vulnerability in GoAnywhere Managed File Transfer (MFT) software by the ... Read more