CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Hackers exploiting critical "SessionReaper" flaw in Adobe Magento
Hackers are actively exploiting the critical SessionReaper vulnerability (CVE-2025-54236) in Adobe Commerce (formerly Magento) platforms, with hundreds of attempts recorded. The activity was spotted b ...
-
The Register
Salt Typhoon hit governments on three continents with SharePoint attacks
Security researchers now say more Chinese crews - likely including Salt Typhoon - than previously believed exploited a critical Microsoft SharePoint vulnerability, and used the flaw to target governme ...
-
BleepingComputer
TARmageddon flaw in abandoned Rust library enables RCE attacks
A high-severity vulnerability in the now-abandoned async-tar Rust library and its forks can be exploited to gain remote code execution on systems running unpatched software. Tracked as CVE-2025-62518, ...
-
CybersecurityNews
Critical Argument Injection Vulnerability in Popular AI Agents Let Attackers Execute Remote Code
A critical argument injection flaw in three unnamed popular AI agent platforms enables attackers to bypass human approval safeguards and achieve remote code execution (RCE) through seemingly innocuous ...
-
CybersecurityNews
Multiple Gitlab Security Vulnerabilities Let Attackers Trigger DoS Condition
GitLab has urgently released patch versions 18.5.1, 18.4.3, and 18.3.5 for its Community Edition (CE) and Enterprise Edition (EE) to address multiple critical security flaws, including several high-se ...
-
CybersecurityNews
Chinese Hackers Using ToolShell Vulnerability To Compromise Networks Of Government Agencies
China-based threat actors have exploited the critical ToolShell vulnerability in Microsoft SharePoint servers to infiltrate networks across multiple continents, targeting government agencies and criti ...
-
The Hacker News
Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch
Oct 22, 2025Ravie LakshmananCyber Espionage / Vulnerability Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications com ...
-
CybersecurityNews
Critical Vulnerability In Oracle E-Business Suite’s Marketing Product Allows Full Access To Attackers
Oracle has disclosed two critical vulnerabilities in its E-Business Suite’s Marketing product that could hand full control to remote attackers. Dubbed CVE-2025-53072 and CVE-2025-62481, these flaws af ...
-
Daily CyberSecurity
Two Critical Oracle Marketing Flaws (CVE-2025-53072, CVE-2025-62481) — Patch Immediately or Risk Full Takeover
Oracle has released its October 2025 Critical Patch Update (CPU), fixing a massive 374 security vulnerabilities and urgently addressing two flaws that could allow unauthenticated attackers to complete ...
-
security.nl
TP-Link dicht kritiek command injection-lek in Omada-gateways
TP-Link heeft firmware-updates uitgebracht voor een kritieke kwetsbaarheid in de Omada-gateways waardoor een ongeauthenticeerde aanvaller op afstand OS-commando's op het apparaat kan uitvoeren. Omada- ...