CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Oct 07, 2025Ravie LakshmananVulnerability / Cloud Security Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere ... Read more
-
security.nl
Microsoft: kritiek GoAnywhere MFT-lek gebruikt bij ransomware-aanvallen
Een kritieke kwetsbaarheid in Fortra GoAnywhere MFT is gebruikt bij ransomware-aanvallen en op het moment van de aanvallen was er nog geen beveiligingsupdate voor het probleem beschikbaar. Dat laat Mi ... Read more
-
The Cyber Express
Scattered Spider Moves from Data Leaks to Insider-Powered Access Markets Targeting Microsoft, Apple, and More
Scattered Spider has shifted its operational strategy, moving away from chaotic data leaks toward a more structured and professional model of cybercrime. Now functioning as a hybrid of Ransomware-as-a ... Read more
-
CybersecurityNews
CISA Warns of Windows Privilege Escalation Vulnerability Exploited in Attacks
CISA has issued an urgent security advisory, adding Microsoft Windows privilege escalation vulnerability CVE-2021-43226 to its Known Exploited Vulnerabilities (KEV) catalog on October 6, 2025. The vul ... Read more
-
The Register
Google DeepMind minds the patch with AI flaw-fixing scheme
Google says its AI-powered security repair tool CodeMender has been helping secure open source projects through automated patch creation, subject to human approval. The Chocolate Factory is already co ... Read more
-
CybersecurityNews
OpenSSH Vulnerability Exploited Via ProxyCommand to Execute Remote Code – PoC Released
A new command injection vulnerability in OpenSSH, tracked as CVE-2025-61984, has been disclosed, which could allow an attacker to achieve remote code execution on a victim’s machine. The vulnerability ... Read more
-
CybersecurityNews
Cl0p Ransomware Actively Exploiting Oracle E-Business Suite 0-Day Vulnerability in the Wild
Oracle has issued an emergency security alert for a critical zero-day vulnerability (CVE-2025-61882) in its E-Business Suite after the notorious Cl0p ransomware group began extorting customers who fai ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
The Hacker News
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
Oct 07, 2025Ravie LakshmananCyber Attack / Ransomware CrowdStrike on Monday said it's attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate conf ... Read more
-
The Cyber Express
Critical CVE-2025-27237 Vulnerability in Zabbix Agent for Windows Enables Privilege Escalation via OpenSSL Misconfiguration
A security vulnerability has been identified in Zabbix Agent and Agent2 for Windows, potentially allowing local users to escalate their privileges to the SYSTEM level. Tracked as CVE-2025-27237, the f ... Read more