CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
CrowdStrike.com
October 2025 Patch Tuesday: Two Publicly Disclosed, Three Zero-Days, and Eight Critical Vulnerabilities Among 172 CVEs
Microsoft has addressed 172 vulnerabilities in its October 2025 security update release, marking the highest number of vulnerabilities patched in a single month this year. This month's patches address ... Read more
-
The Hacker News
CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack
Oct 16, 2025Ravie LakshmananVulnerability / Data Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Adobe Experience Mana ... Read more
-
Daily CyberSecurity
Apple Planning $350 Smart Display (2026) and Robotic Desktop Device (2027), Manufactured in Vietnam
According to a report by Bloomberg News, Apple is actively expanding its smart home product line, with plans to launch a smart display featuring an integrated FaceTime camera in 2026, followed by the ... Read more
-
Daily CyberSecurity
Broadcom Shifts VMware Workstation/Fusion to Year-Based Versioning with New 25H2 Release
Broadcom has recently announced a change to the versioning system of its virtualization software, VMware Workstation Pro and Fusion Pro. Starting with the latest release, the company will no longer us ... Read more
-
Daily CyberSecurity
CISA Emergency Alert: Critical Adobe AEM Flaw (CVE-2025-54253, CVSS 10.0) Under Active Exploitation
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Adobe Experience Manager (AEM) vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, following confirmati ... Read more
-
Daily CyberSecurity
Operation Zero Disco: Critical Cisco SNMP Flaw (CVE-2025-20352) Used to Implant Linux Rootkits on Switches
Security researchers from Trend Research have uncovered a sophisticated campaign — dubbed “Operation Zero Disco” — in which attackers exploit a newly disclosed Cisco SNMP vulnerability (CVE-2025-20352 ... Read more
-
Daily CyberSecurity
Critical Samba RCE Flaw CVE-2025-10230 (CVSS 10.0) Allows Unauthenticated Command Injection on AD DCs
The Samba Team has released an urgent security advisory addressing two vulnerabilities, including a critical command injection flaw (CVE-2025-10230) that could allow unauthenticated remote code execut ... Read more
-
Daily CyberSecurity
Critical RCE Flaw CVE-2025-54539 in Apache ActiveMQ NMS AMQP Client Allows Server-Side Code Execution
The Apache Software Foundation has issued a new security advisory addressing a critical vulnerability in Apache ActiveMQ’s NMS AMQP Client, which could allow remote code execution (RCE) on systems con ... Read more
-
Daily CyberSecurity
China-Backed Flax Typhoon APT Maintained Year-Long Access by Turning ArcGIS SOE into Web Shell Backdoor
A newly released report from ReliaQuest reveals how the China-backed advanced persistent threat (APT) group “Flax Typhoon” maintained year-long access to an organization’s ArcGIS system by turning leg ... Read more