CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Trend Micro
Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits
Exploits & Vulnerabilities Trend™ Research has uncovered an attack campaign exploiting the Cisco SNMP vulnerability CVE-2025-20352, allowing remote code execution and rootkit deployment on unprotected ... Read more
-
krebsonsecurity.com
Patch Tuesday, October 2025 ‘End of 10’ Edition
Microsoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least two vulnerabilities that are already being actively exploited. Octo ... Read more
-
The Register
Frightful Patch Tuesday gives admins a scare with 175+ Microsoft CVEs, 3 under attack
Spooky season is in full swing, and this extends to Microsoft's October Patch Tuesday with security updates for a frightful 175 Microsoft vulnerabilities, plus an additional 21 non-Microsoft CVEs. And ... Read more
-
The Cyber Express
Patch Tuesday October 2025: Three Zero-days Under Attack
Microsoft’s Patch Tuesday October 2025 included fixes for 175 vulnerabilities, including three exploited zero-days and 13 additional high-risk vulnerabilities. The three zero-days under attack were qu ... Read more
-
CybersecurityNews
PolarEdge With Custom TLS Server Uses Custom Binary Protocol for C2 Communication
A sophisticated backdoor malware targeting Internet of Things devices has surfaced, employing advanced communication techniques to maintain persistent access to compromised systems. The PolarEdge back ... Read more
-
BleepingComputer
New Android Pixnapping attack steals MFA codes pixel-by-pixel
A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing t ... Read more
-
Zero Day Initiative
The October 2025 Security Update Review
CVE Title Severity CVSS Public Exploited Type CVE-2025-47827 * MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11 Important 4.6 No Yes SFB CVE-2025-24990 Windows Agere Modem Driver Elevatio ... Read more
-
CybersecurityNews
FortiPAM and FortiSwitch Manager Vulnerability Let Attackers Bypass Authentication Process
Fortinet has issued an urgent advisory revealing a critical weakness in its FortiPAM and FortiSwitch Manager products that could allow attackers to sidestep authentication entirely through brute-force ... Read more
-
CybersecurityNews
FortiOS CLI Command Bypass Vulnerability Let Attacker Execute System Commands
Fortinet disclosed a high-severity vulnerability in its FortiOS operating system on October 14, 2025, that could enable local authenticated attackers to execute arbitrary system commands. Tracked as C ... Read more
-
BleepingComputer
Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws
Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities.This Patch Tuesday also addresses eight "Critical" vulnerabilitie ... Read more