CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Broadcom Shifts VMware Workstation/Fusion to Year-Based Versioning with New 25H2 Release
Broadcom has recently announced a change to the versioning system of its virtualization software, VMware Workstation Pro and Fusion Pro. Starting with the latest release, the company will no longer us ... Read more
-
Daily CyberSecurity
CISA Emergency Alert: Critical Adobe AEM Flaw (CVE-2025-54253, CVSS 10.0) Under Active Exploitation
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Adobe Experience Manager (AEM) vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, following confirmati ... Read more
-
Daily CyberSecurity
Operation Zero Disco: Critical Cisco SNMP Flaw (CVE-2025-20352) Used to Implant Linux Rootkits on Switches
Security researchers from Trend Research have uncovered a sophisticated campaign — dubbed “Operation Zero Disco” — in which attackers exploit a newly disclosed Cisco SNMP vulnerability (CVE-2025-20352 ... Read more
-
Daily CyberSecurity
Critical Samba RCE Flaw CVE-2025-10230 (CVSS 10.0) Allows Unauthenticated Command Injection on AD DCs
The Samba Team has released an urgent security advisory addressing two vulnerabilities, including a critical command injection flaw (CVE-2025-10230) that could allow unauthenticated remote code execut ... Read more
-
Daily CyberSecurity
Critical RCE Flaw CVE-2025-54539 in Apache ActiveMQ NMS AMQP Client Allows Server-Side Code Execution
The Apache Software Foundation has issued a new security advisory addressing a critical vulnerability in Apache ActiveMQ’s NMS AMQP Client, which could allow remote code execution (RCE) on systems con ... Read more
-
Daily CyberSecurity
China-Backed Flax Typhoon APT Maintained Year-Long Access by Turning ArcGIS SOE into Web Shell Backdoor
A newly released report from ReliaQuest reveals how the China-backed advanced persistent threat (APT) group “Flax Typhoon” maintained year-long access to an organization’s ArcGIS system by turning leg ... Read more
-
TheCyberThrone
CISA Expands KEV Catalog with Six Actively Exploited Vulnerabilities
October 16, 2025The Cybersecurity and Infrastructure Security Agency (CISA) continues its momentum in strengthening federal and enterprise cybersecurity posture, announcing new additions to its Known ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
CrowdStrike.com
October 2025 Patch Tuesday: Two Publicly Disclosed, Three Zero-Days, and Eight Critical Vulnerabilities Among 172 CVEs
Microsoft has addressed 172 vulnerabilities in its October 2025 security update release, marking the highest number of vulnerabilities patched in a single month this year. This month's patches address ... Read more
-
Krypt3ia
GEOPOLITICAL THREAT INTELLIGENCE REPORT: Strategic Cyber Operations and Geopolitical Positioning by the PRC: SALT TYPHOON, U.S. Infrastructure, and Taiwan Contingency Planning
Date: October 15, 2025 Classification: TLP WHITE / STRATEGIC ANALYSIS Prepared by: Krypt3ia EXECUTIVE OVERVIEW This report provides an integrated geopolitical threat intelligence analysis of the Peopl ... Read more