CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Microsoft kills 9.9-rated ASP.NET Core bug – 'our highest ever' score
Microsoft has patched an ASP.NET Core vulnerability with a CVSS score of 9.9, which security program manager Barry Dorrans said was "our highest ever." The flaw is in the Kestrel web server component ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
CrowdStrike.com
October 2025 Patch Tuesday: Two Publicly Disclosed, Three Zero-Days, and Eight Critical Vulnerabilities Among 172 CVEs
Microsoft has addressed 172 vulnerabilities in its October 2025 security update release, marking the highest number of vulnerabilities patched in a single month this year. This month's patches address ... Read more
-
The Register
Senator presses Cisco over firewall flaws that burned US agency
US Senator Bill Cassidy has fired off a pointed letter to Cisco over the firewall flaws that allegedly let hackers breach "at least one federal agency." Cassidy's letter [PDF] to Cisco CEO Chuck Robbi ... Read more
-
CybersecurityNews
CISA Warns Of Windows Improper Access Control Vulnerability Exploited In Attacks
CISA has added a critical Microsoft Windows vulnerability to its Known Exploited Vulnerabilities catalog, warning organizations that threat actors are actively exploiting it in real-world attacks. Ide ... Read more
-
The Hacker News
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in "Zero Disco' Attacks
Oct 16, 2025Ravie LakshmananVulnerability / Linux Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS Software an ... Read more
-
cert.pl
Vulnerability in Strapi software
Vulnerability in Strapi software CVE ID CVE-2025-3930 Publication date 16 October 2025 Vendor Strapi Product Strapi Vulnerable versions All before 5.24.1 Vulnerability type (CWE) Insufficient Session ... Read more
-
DataBreaches.Net
Oracle silently fixes zero-day exploit leaked by ShinyHunters
Lawrence Abrams reports: Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly lea ... Read more
-
security.nl
Amerikaanse senator wil meer informatie van Cisco over aangevallen lekken
De Amerikaanse senator Bill Cassidy wil dat Cisco meer informatie geeft over twee aangevallen kwetsbaarheden, zo blijkt uit een open brief aan Cisco-topman Chuck Robbins. Aanleiding voor het verzoek i ... Read more
-
CybersecurityNews
Critical Apache ActiveMQ Vulnerability Let Attackers Execute Arbitrary Code
The Apache Software Foundation has disclosed a critical vulnerability in its ActiveMQ NMS AMQP Client that could allow attackers to execute arbitrary code on vulnerable systems. Tracked as CVE-2025-54 ... Read more