CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Oracle patches EBS zero-day exploited in Clop data theft attacks
Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively expl ... Read more
-
Daily CyberSecurity
CVE-2025-27237: Zabbix Agent Flaw Allows Local Privilege Escalation via OpenSSL DLL Injection
A newly disclosed vulnerability in the Zabbix Agent and Agent 2 for Windows could allow local attackers to gain elevated privileges by exploiting a DLL injection flaw in the software’s OpenSSL configu ... Read more
-
Daily CyberSecurity
RCE Flaw CVE-2025-10547 in DrayTek Vigor Routers Allows Unauthenticated Root Access
A newly disclosed vulnerability in DrayTek’s Vigor routers, tracked as CVE-2025-10547, could allow remote attackers to execute arbitrary code and gain full control of affected devices. The flaw, rated ... Read more
-
Daily CyberSecurity
CVE-2025-61882 (CVSS 9.8): Critical RCE Flaw in Oracle E-Business Suite
Oracle has issued an emergency Security Alert addressing a critical vulnerability (CVE-2025-61882) in Oracle E-Business Suite, warning that the flaw can be remotely exploited without authentication to ... Read more
-
Daily CyberSecurity
WhatsApp Worm: New SORVEPOTEL Malware Hijacks Sessions to Spread Aggressively Across Brazil
A new malware campaign uncovered by Trend Micro’s Threat Research team has weaponized WhatsApp to launch one of the most aggressive self-propagating malware outbreaks seen in recent months. The campai ... Read more
-
Daily CyberSecurity
QNAP Fixes High-Severity Flaws: NetBak Replicator RCE and SQL Injection in Qsync Central
QNAP has issued a new security advisory addressing multiple vulnerabilities in two of its widely used utilities—NetBak Replicator and Qsync Central—that could allow attackers to execute unauthorized c ... Read more
-
Daily CyberSecurity
Critical Flaw CVE-2025-49844 (CVSS 10.0) Allows Remote Code Execution in Redis
Redis, the popular open-source in-memory data store widely used for real-time analytics, caching, and message brokering, has released multiple patches addressing four security vulnerabilities that cou ... Read more
-
Help Net Security
Week in review: Many Cisco ASA firewalls still unsecure, hackers claim Red Hat’s GitLab breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Keeping the internet afloat: How to protect the global cable network The resilience of the world’s sub ... Read more
-
CybersecurityNews
Unity Real-Time Development Platform Vulnerability Let Attackers Execute Arbitrary Code
Unity Technologies has issued a critical security advisory warning developers about a high-severity vulnerability affecting its widely used game development platform. The flaw, designated CVE-2025-594 ... Read more
-
cybereason.com
Addressing the CL0P Extortion Campaign Targeting Oracle E-Business Suite (EBS) Users
Cybereason is continuing to investigate. Check the Cybereason blog for additional updates. Overview and What Cybereason Knows So Far July 2025, Oracle released security updates including 309 patches, ... Read more