CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Unity Flaw CVE-2025-59489 Allows Local Code Execution in Millions of Games
A serious vulnerability in the Unity Runtime, tracked as CVE-2025-59489 (CVSS 8.4), has been discovered by security researcher RyotaK (@ryotkak) from GMO Flatt Security Inc., potentially exposing mill ... Read more
-
Daily CyberSecurity
Qualcomm Antitrust Trial Begins: UK Consumer Group Seeks £480 Million for Inflated Smartphone Prices
Qualcomm is once again facing legal action — but this time, the lawsuit does not come from Arm or other industry players. Instead, it has been filed by the UK consumer advocacy group Which?, which acc ... Read more
-
BleepingComputer
Oracle patches EBS zero-day exploited in Clop data theft attacks
Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively expl ... Read more
-
Daily CyberSecurity
CVE-2025-27237: Zabbix Agent Flaw Allows Local Privilege Escalation via OpenSSL DLL Injection
A newly disclosed vulnerability in the Zabbix Agent and Agent 2 for Windows could allow local attackers to gain elevated privileges by exploiting a DLL injection flaw in the software’s OpenSSL configu ... Read more
-
Daily CyberSecurity
RCE Flaw CVE-2025-10547 in DrayTek Vigor Routers Allows Unauthenticated Root Access
A newly disclosed vulnerability in DrayTek’s Vigor routers, tracked as CVE-2025-10547, could allow remote attackers to execute arbitrary code and gain full control of affected devices. The flaw, rated ... Read more
-
Daily CyberSecurity
CVE-2025-61882 (CVSS 9.8): Critical RCE Flaw in Oracle E-Business Suite
Oracle has issued an emergency Security Alert addressing a critical vulnerability (CVE-2025-61882) in Oracle E-Business Suite, warning that the flaw can be remotely exploited without authentication to ... Read more
-
Daily CyberSecurity
WhatsApp Worm: New SORVEPOTEL Malware Hijacks Sessions to Spread Aggressively Across Brazil
A new malware campaign uncovered by Trend Micro’s Threat Research team has weaponized WhatsApp to launch one of the most aggressive self-propagating malware outbreaks seen in recent months. The campai ... Read more
-
Daily CyberSecurity
QNAP Fixes High-Severity Flaws: NetBak Replicator RCE and SQL Injection in Qsync Central
QNAP has issued a new security advisory addressing multiple vulnerabilities in two of its widely used utilities—NetBak Replicator and Qsync Central—that could allow attackers to execute unauthorized c ... Read more
-
Daily CyberSecurity
Critical Flaw CVE-2025-49844 (CVSS 10.0) Allows Remote Code Execution in Redis
Redis, the popular open-source in-memory data store widely used for real-time analytics, caching, and message brokering, has released multiple patches addressing four security vulnerabilities that cou ... Read more
-
Help Net Security
Week in review: Many Cisco ASA firewalls still unsecure, hackers claim Red Hat’s GitLab breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Keeping the internet afloat: How to protect the global cable network The resilience of the world’s sub ... Read more