CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical Samba RCE Flaw CVE-2025-10230 (CVSS 10.0) Allows Unauthenticated Command Injection on AD DCs
The Samba Team has released an urgent security advisory addressing two vulnerabilities, including a critical command injection flaw (CVE-2025-10230) that could allow unauthenticated remote code execut ... Read more
-
Daily CyberSecurity
Critical RCE Flaw CVE-2025-54539 in Apache ActiveMQ NMS AMQP Client Allows Server-Side Code Execution
The Apache Software Foundation has issued a new security advisory addressing a critical vulnerability in Apache ActiveMQ’s NMS AMQP Client, which could allow remote code execution (RCE) on systems con ... Read more
-
Daily CyberSecurity
China-Backed Flax Typhoon APT Maintained Year-Long Access by Turning ArcGIS SOE into Web Shell Backdoor
A newly released report from ReliaQuest reveals how the China-backed advanced persistent threat (APT) group “Flax Typhoon” maintained year-long access to an organization’s ArcGIS system by turning leg ... Read more
-
TheCyberThrone
CISA Expands KEV Catalog with Six Actively Exploited Vulnerabilities
October 16, 2025The Cybersecurity and Infrastructure Security Agency (CISA) continues its momentum in strengthening federal and enterprise cybersecurity posture, announcing new additions to its Known ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
CrowdStrike.com
October 2025 Patch Tuesday: Two Publicly Disclosed, Three Zero-Days, and Eight Critical Vulnerabilities Among 172 CVEs
Microsoft has addressed 172 vulnerabilities in its October 2025 security update release, marking the highest number of vulnerabilities patched in a single month this year. This month's patches address ... Read more
-
Krypt3ia
GEOPOLITICAL THREAT INTELLIGENCE REPORT: Strategic Cyber Operations and Geopolitical Positioning by the PRC: SALT TYPHOON, U.S. Infrastructure, and Taiwan Contingency Planning
Date: October 15, 2025 Classification: TLP WHITE / STRATEGIC ANALYSIS Prepared by: Krypt3ia EXECUTIVE OVERVIEW This report provides an integrated geopolitical threat intelligence analysis of the Peopl ... Read more
-
CybersecurityNews
New SAP NetWeaver Vulnerabilities Allow Attackers to Bypass Authorization and Execute OS Commands
SAP released its October 2025 Security Patch Day fixes, addressing 13 new vulnerabilities and updating four prior notes, with several critical flaws in NetWeaver enabling attackers to sidestep authori ... Read more
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Microsoft Patch Tuesday Oct 2025 Fixs 175 Vulnerabilities including 3 Zero-Days
Microsoft Patch Tuesday for October 2025 was massive, delivering over 170 security fixes, making immediate patching mandatory due to the volume and critical nature of the vulnerabilities across Window ... Read more
-
Help Net Security
F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info
US tech company F5 has suffered a breach, and the attackers made off with source code of and vulnerability information related to its BIG-IP family of networking and security products, the company con ... Read more