CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Rapid7 Details Cisco ASA Zero-Day Exploit Chain (CVE-2025-20362 & CVE-2025-20333)
Security researchers at Rapid7 have published a detailed technical analysis uncovering how a pair of zero-day vulnerabilities in Cisco Secure Firewall ASA and FTD software were exploited in-the-wild t ... Read more
-
Daily CyberSecurity
Snipe-IT Flaw Chained: XSS (CVE-2025-59712) to RCE (CVE-2025-59713) Achieves Full Server Compromise, PoC Released
Image: Synacktiv Cybersecurity researchers at Synacktiv have uncovered two critical vulnerabilities in Snipe-IT, an open-source IT asset management system, that can be chained together to achieve remo ... Read more
-
The Register
Microsoft blames Medusa ransomware affiliates for GoAnywhere exploits while Fortra keeps head buried
Medusa ransomware affiliates are among those exploiting a maximum-severity bug in Fortra's GoAnywhere managed file transfer (MFT) product, according to Microsoft Threat Intelligence. Fortra disclosed ... Read more
-
BleepingComputer
Microsoft: Critical GoAnywhere bug exploited in ransomware attacks
A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware attacks for nearly a month. Tracked as CVE-2025-10035, this ... Read more
-
The Register
Level-10 vuln lurking in Redis source code for 13 years could allow remote code execution
A 13-year-old critical flaw in Redis servers, rated a perfect 10 out of 10 in severity, can let an authenticated user trigger remote code execution. For anyone using Redis Cloud, the service has alrea ... Read more
-
BleepingComputer
Redis warns of critical flaw impacting thousands of instances
The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances. Redis (short for Remote ... Read more
-
BleepingComputer
Steam and Microsoft warn of Unity flaw exposing gamers to attacks
A code execution vulnerability in the Unity game engine could be exploited to achieve code execution on Android and privilege escalation on Windows. Unity is a cross-platform game engine and developme ... Read more
-
security.nl
'Nederland telt 800 Cisco-firewalls met actief aangevallen kwetsbaarheden'
Nederland telt zo'n achthonderd Cisco-firewalls met actief aangevallen kwetsbaarheden waarvoor beveiligingsupdates beschikbaar zijn. Dat meldt The Shadowserver Foundation op basis van een online scan. ... Read more
-
CybersecurityNews
NCSC Warns of Oracle E-Business Suite 0-Day Vulnerability Actively Exploited in Attacks
NCSC has issued an urgent warning regarding a critical zero-day flaw in Oracle E-Business Suite (EBS) that is currently being exploited in the wild. Tracked as CVE-2025-61882, the vulnerability reside ... Read more
-
The Cyber Express
Critical Zero-Day in Oracle E-Business Suite Prompts Urgent Security Updates
Oracle has issued a security alert warning users of a zero-day vulnerability in its widely used Oracle E-Business Suite. Tracked as CVE-2025-61882, this flaw allows unauthenticated, remote attackers t ... Read more