CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Suspected Chinese snoops weaponize unpatched Windows flaw to spy on European diplomats
Cyber spies linked to the Chinese government exploited a Windows shortcut vulnerability disclosed in March – but that Microsoft hasn't fixed yet – to target European diplomats in an effort to steal de ...
-
Red Canary
Here’s what you missed on Office Hours: October 2025
Every Tuesday at 1 PM ET, Red Canary’s security experts tackle cybersecurity news and industry trends with special guests and exclusive operational insights.October’s episodes touched on how both defe ...
-
CybersecurityNews
RediShell RCE Vulnerability Exposes 8,500+ Redis Instances to Code Execution Attacks
The cybersecurity landscape faced a critical threat in early October 2025 with the public disclosure of RediShell, a severe use-after-free vulnerability in Redis’s Lua scripting engine. Identified as ...
-
The Register
Docker Compose vulnerability opens door to host-level writes – patch pronto
Docker Compose users are being strongly urged to upgrade their versions of the orchestration tool after a researcher uncovered a flaw that could allow attackers to stage path traversal attacks. NIST h ...
-
BleepingComputer
CISA and NSA share tips on securing Microsoft Exchange servers
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance to help IT administrators harden Microsoft Exchange servers on their networks ...
-
CybersecurityNews
Multiple Jenkins Vulnerability SAML Authentication Bypass And MCP Server Plugin Permissions
The Jenkins project released Security Advisory 2025-10-29 on October 28, 2025, disclosing multiple vulnerabilities across 13 plugins that power the popular open-source automation server. These flaws r ...
-
cert.pl
Vulnerability in Eveo URVE Smart Office software
Vulnerability in Eveo URVE Smart Office software CVE ID CVE-2025-10348 Publication date 30 October 2025 Vendor Eveo Product URVE Smart Office Vulnerable versions All before 1.1.24 Vulnerability type ( ...
-
Help Net Security
Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)
Attackers have been spotted exploiting the recently patched WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers. An out-of-band update Last week’s release of ...
-
TheCyberThrone
Google Chrome 142 Stable Channel Release
October 30, 2025Google Chrome 142 stable channel was officially released on October 28, 2025, for Windows, Mac, Linux, Android, and ChromeOS platforms. The update includes 20 security fixes, addressin ...
-
0patch.com
Micropatches Released for Windows Installer Elevation of Privilege Vulnerability (CVE-2025-50173)
August 2025 Windows Updates brought a patch for CVE-2025-50173, a privilege escalation vulnerability in Windows Installer that could allow a local low-privileged attacker to execute arbitrary code as ...