CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Frightful Patch Tuesday gives admins a scare with 175+ Microsoft CVEs, 3 under attack
Spooky season is in full swing, and this extends to Microsoft's October Patch Tuesday with security updates for a frightful 175 Microsoft vulnerabilities, plus an additional 21 non-Microsoft CVEs. And ... Read more
-
The Cyber Express
Patch Tuesday October 2025: Three Zero-days Under Attack
Microsoft’s Patch Tuesday October 2025 included fixes for 175 vulnerabilities, including three exploited zero-days and 13 additional high-risk vulnerabilities. The three zero-days under attack were qu ... Read more
-
CybersecurityNews
PolarEdge With Custom TLS Server Uses Custom Binary Protocol for C2 Communication
A sophisticated backdoor malware targeting Internet of Things devices has surfaced, employing advanced communication techniques to maintain persistent access to compromised systems. The PolarEdge back ... Read more
-
BleepingComputer
New Android Pixnapping attack steals MFA codes pixel-by-pixel
A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing t ... Read more
-
Zero Day Initiative
The October 2025 Security Update Review
CVE Title Severity CVSS Public Exploited Type CVE-2025-47827 * MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11 Important 4.6 No Yes SFB CVE-2025-24990 Windows Agere Modem Driver Elevatio ... Read more
-
CybersecurityNews
FortiPAM and FortiSwitch Manager Vulnerability Let Attackers Bypass Authentication Process
Fortinet has issued an urgent advisory revealing a critical weakness in its FortiPAM and FortiSwitch Manager products that could allow attackers to sidestep authentication entirely through brute-force ... Read more
-
CybersecurityNews
FortiOS CLI Command Bypass Vulnerability Let Attacker Execute System Commands
Fortinet disclosed a high-severity vulnerability in its FortiOS operating system on October 14, 2025, that could enable local authenticated attackers to execute arbitrary system commands. Tracked as C ... Read more
-
BleepingComputer
Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws
Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities.This Patch Tuesday also addresses eight "Critical" vulnerabilitie ... Read more
-
CybersecurityNews
Microsoft October 2025 Patch Tuesday – 4 Zero-days and 172 Vulnerabilities Patched
Microsoft rolled out its October 2025 Patch Tuesday updates, addressing a staggering 172 vulnerabilities across its ecosystem, including four zero-day flaws, of which two are actively exploited in the ... Read more
-
BleepingComputer
Oracles silently fixes zero-day exploit leaked by ShinyHunters
Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters e ... Read more