CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical Apache OFBiz Flaw (CVE-2025-59118) Allows Remote Command Execution via Unrestricted File Upload
The Apache Software Foundation (ASF) has released an important security update for Apache OFBiz, its open-source enterprise resource planning (ERP) platform, addressing two newly disclosed vulnerabili ...
-
Daily CyberSecurity
November Patch Tuesday: Microsoft Fixes 68 Flaws, Including Kernel Zero-Day Under Active Exploitation
Microsoft has released its November 2025 Patch Tuesday, addressing a total of 68 vulnerabilities, including a high-priority zero-day flaw already being actively exploited in the wild. This critical up ...
-
TheCyberThrone
Microsoft Patch Tuesday November 2025
November 12, 2025November 11, 2025 marked another important Patch Tuesday from Microsoft, releasing security updates that address 63 vulnerabilities impacting a wide range of Microsoft products. This ...
-
Daily CyberSecurity
Critical Authentication Bypass Vulnerability Found in Milvus Proxy (CVE-2025-64513, CVSS 9.3)
Milvus, a leading open-source vector database that powers AI and large-scale search applications, has disclosed a critical authentication bypass vulnerability in its Proxy component. Tracked as CVE-20 ...
-
Daily CyberSecurity
Rockwell Automation Fixes Critical Privilege Escalation Flaw in Verve Asset Manager (CVE-2025-11862, CVSS 9.9)
Rockwell Automation has released a critical security advisory addressing a severe privilege escalation vulnerability (CVE-2025-11862, CVSS 9.9) discovered in its Verve Asset Manager platform — a unifi ...
-
Daily CyberSecurity
New Android Rule: Google to Flag Battery-Draining Apps on Play Store Listings
Google has recently introduced a new “Excessive Wake Lock” metric for Android app developers. If an application exceeds the threshold set by Google, the Google Play Store will display a red warning ba ...
-
Daily CyberSecurity
AI Boom Creates 2-Year HDD Backlog, Forcing Shift to QLC SSDs and Price Hikes
Fueled by the explosive growth of the artificial intelligence industry, demand for GPUs and other computing hardware has surged dramatically — and with it, the demand for memory. Western Digital’s aff ...
-
BleepingComputer
Synology fixes BeeStation zero-days demoed at Pwn2Own Ireland
Synology has addressed a critical-severity remote code execution (RCE) vulnerability in BeeStation products that was demonstrated at the recent Pwn2Own hacking competition. The security issue (CVE-202 ...
-
BleepingComputer
Hackers abuse Triofox antivirus feature to deploy remote access tools
Hackers exploited a critical vulnerability and the built-in antivirus feature in Gladinet's Triofox file-sharing and remote-access platform to achieve remote code execution with SYSTEM privileges. The ...
-
hackread.com
Cl0p Ransomware Lists NHS UK as Victim, Days After Washington Post Breach
Cl0p is claiming responsibility for a new data breach affecting the National Health Service (NHS UK). On November 11, 2026, the ransomware group posted on its dark web leak site, accusing the healthca ...