CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files
Oct 06, 2025Ravie LakshmananEmail Security / Zero-Day A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazil ... Read more
-
The Hacker News
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oct 06, 2025Ravie LakshmananVulnerability / Threat Intelligence Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in ... Read more
-
CybersecurityNews
Hackers Exploit Zimbra Vulnerability as 0-Day with Weaponized iCalendar Files
A zero-day vulnerability in the Zimbra Collaboration Suite (ZCS) was actively exploited in targeted attacks earlier in 2025. The flaw, identified as CVE-2025-27915, is a stored cross-site scripting (X ... Read more
-
Daily CyberSecurity
Unity Flaw CVE-2025-59489 Allows Local Code Execution in Millions of Games
A serious vulnerability in the Unity Runtime, tracked as CVE-2025-59489 (CVSS 8.4), has been discovered by security researcher RyotaK (@ryotkak) from GMO Flatt Security Inc., potentially exposing mill ... Read more
-
Daily CyberSecurity
Qualcomm Antitrust Trial Begins: UK Consumer Group Seeks £480 Million for Inflated Smartphone Prices
Qualcomm is once again facing legal action — but this time, the lawsuit does not come from Arm or other industry players. Instead, it has been filed by the UK consumer advocacy group Which?, which acc ... Read more
-
BleepingComputer
Oracle patches EBS zero-day exploited in Clop data theft attacks
Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively expl ... Read more
-
Daily CyberSecurity
CVE-2025-27237: Zabbix Agent Flaw Allows Local Privilege Escalation via OpenSSL DLL Injection
A newly disclosed vulnerability in the Zabbix Agent and Agent 2 for Windows could allow local attackers to gain elevated privileges by exploiting a DLL injection flaw in the software’s OpenSSL configu ... Read more
-
Daily CyberSecurity
RCE Flaw CVE-2025-10547 in DrayTek Vigor Routers Allows Unauthenticated Root Access
A newly disclosed vulnerability in DrayTek’s Vigor routers, tracked as CVE-2025-10547, could allow remote attackers to execute arbitrary code and gain full control of affected devices. The flaw, rated ... Read more
-
Daily CyberSecurity
CVE-2025-61882 (CVSS 9.8): Critical RCE Flaw in Oracle E-Business Suite
Oracle has issued an emergency Security Alert addressing a critical vulnerability (CVE-2025-61882) in Oracle E-Business Suite, warning that the flaw can be remotely exploited without authentication to ... Read more
-
Daily CyberSecurity
WhatsApp Worm: New SORVEPOTEL Malware Hijacks Sessions to Spread Aggressively Across Brazil
A new malware campaign uncovered by Trend Micro’s Threat Research team has weaponized WhatsApp to launch one of the most aggressive self-propagating malware outbreaks seen in recent months. The campai ... Read more