CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Better Auth API keys Vulnerability Let Attackers Create Privileged Credentials For Arbitrary Users
A severe vulnerability in the popular better-auth library’s API keys plugin enables attackers to generate privileged credentials for any user without authentication. Dubbed CVE-2025-61928, the issue a ... Read more
-
The Hacker News
PolarEdge Targets Cisco, ASUS, QNAP, Synology Routers in Expanding Botnet Campaign
Oct 21, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have shed light on the inner workings of a botnet malware called PolarEdge. PolarEdge was first documented by Sekoia in ... Read more
-
CybersecurityNews
CISA Warns Of Oracle E-Business Suite SSRF Vulnerability Actively Exploited In Attacks
CISA has issued an urgent alert about a critical server-side request forgery (SSRF) vulnerability in Oracle E-Business Suite, now actively exploited by threat actors. Tracked as CVE-2025-61884, the fl ... Read more
-
Help Net Security
CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073)
CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers. The confirmation comes from the Cybersecurity and Infrastructure Security Agency ... Read more
-
hackread.com
Envoy Air (American Airlines) Confirms Oracle EBS 0-Day Breach Linked to Cl0p
Texas-based regional airline Envoy Air, the largest carrier operating under American Airlines, confirmed on October 17, 2025, that it fell victim to a recent wave of attacks targeting a zero-day vulne ... Read more
-
CybersecurityNews
LANSCOPE Endpoint Manager Vulnerability Let Attackers Execute Remote Code
Motex has disclosed a severe remote code execution vulnerability in its LANSCOPE Endpoint Manager On-Premise Edition. Assigned CVE-2025-61932, the flaw carries a CVSS 3.0 score of 9.8, classifying it ... Read more
-
cert.pl
Vulnerability in SIMPLE.ERP software
Vulnerability in SIMPLE.ERP software CVE ID CVE-2025-9339 Publication date 21 October 2025 Vendor Simple SA Product SIMPLE.ERP Vulnerable versions All before [email protected] Vulnerability type (CWE) Improp ... Read more
-
The Register
Feds flag active exploitation of patched Windows SMB vuln
Uncle Sam's cyber wardens have warned that a high-severity flaw in Microsoft's Windows SMB client is now being actively exploited – months after it was patched. The bug, tracked as CVE-2025-33073, was ... Read more
-
The Cyber Express
Active Exploitation of Critical Windows SMB Flaw CVE-2025-33073 Spotted
A flaw rooted in the Server Message Block (SMB) protocol of Windows enables attackers to escalate privileges to SYSTEM level on vulnerable Windows devices, potentially granting full control over affec ... Read more
-
The Cyber Express
Over 120,000 Bitcoin Private Keys Compromised Due to Flaw in Libbitcoin Explorer
A severe vulnerability in the random number generation method of the widely used open-source Bitcoin library Libbitcoin Explorer has led to the exposure of more than 120,000 Bitcoin private keys, putt ... Read more