CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
Daily CyberSecurity
OpenAI Partners with AMD, Adopting Instinct MI450 GPUs for a 6 GW AI Computing Infrastructure
OpenAI has once again expanded its AI computing empire — this time partnering not with NVIDIA, but with another semiconductor giant, AMD. Under a sweeping new agreement, OpenAI will adopt AMD’s Instin ... Read more
-
Daily CyberSecurity
Qt Fixes Dual Critical Vulnerabilities (CVE-2025-10728 & CVE-2025-10729) in SVG Module
The Qt Group has released a critical security advisory addressing two severe vulnerabilities in the Qt SVG module — tracked as CVE-2025-10728 and CVE-2025-10729 — that could lead to denial of service ... Read more
-
TheCyberThrone
CISA Adds 7 Actively Exploited Vulnerabilities to KEV Catalog
October 7, 2025The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog in October 2025, adding several high-impact vulnerabilities be ... Read more
-
Daily CyberSecurity
Elastic Fixes Multiple High-Severity Vulnerabilities in Kibana and Elasticsearch
Elastic has issued five security advisories addressing five vulnerabilities affecting its Kibana and Elasticsearch components, including three critical Cross-Site Scripting (XSS) issues and two inform ... Read more
-
Daily CyberSecurity
Oracle EBS Zero-Day (CVE-2025-61882) Under Active RCE Exploitation by GRACEFUL SPIDER
CrowdStrike has sounded the alarm on an ongoing mass exploitation campaign targeting Oracle E-Business Suite (EBS) applications through a previously unknown zero-day vulnerability. The flaw, now track ... Read more
-
CybersecurityNews
13-year-old Critical Redis RCE Vulnerability Let Attackers Gain Full Access to Host System
A 13-year-old critical remote code execution (RCE) vulnerability in Redis, dubbed RediShell, allows attackers to gain full access to the underlying host system. The flaw, tracked as CVE-2025-49844, wa ... Read more
-
Daily CyberSecurity
Critical Flaw CVE-2025-59159 (CVSS 9.7) in SillyTavern Allows Full Remote Control of Local AI Instances
The developers of SillyTavern, a popular locally hosted interface for large language models (LLMs) and AI tools, have issued a security advisory warning users of a critical web interface vulnerability ... Read more
-
Daily CyberSecurity
Critical RCE (CVE-2025-10035) in GoAnywhere MFT Used by Medusa Ransomware Group
Microsoft Threat Intelligence has issued a warning following the discovery of active exploitation of a newly disclosed critical vulnerability in GoAnywhere Managed File Transfer (MFT) software by the ... Read more
-
Daily CyberSecurity
Critical Flaw CVE-2025-36356 (CVSS 9.3) in IBM Security Verify Access Allows Root Privilege Escalation
IBM has released fixes for three security vulnerabilities affecting its IBM Security Verify Access and IBM Verify Identity Access products, warning that the issues could lead to privilege escalation, ... Read more