CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch
Oct 22, 2025Ravie LakshmananCyber Espionage / Vulnerability Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications com ...
-
CybersecurityNews
Critical Vulnerability In Oracle E-Business Suite’s Marketing Product Allows Full Access To Attackers
Oracle has disclosed two critical vulnerabilities in its E-Business Suite’s Marketing product that could hand full control to remote attackers. Dubbed CVE-2025-53072 and CVE-2025-62481, these flaws af ...
-
Daily CyberSecurity
Two Critical Oracle Marketing Flaws (CVE-2025-53072, CVE-2025-62481) — Patch Immediately or Risk Full Takeover
Oracle has released its October 2025 Critical Patch Update (CPU), fixing a massive 374 security vulnerabilities and urgently addressing two flaws that could allow unauthenticated attackers to complete ...
-
security.nl
TP-Link dicht kritiek command injection-lek in Omada-gateways
TP-Link heeft firmware-updates uitgebracht voor een kritieke kwetsbaarheid in de Omada-gateways waardoor een ongeauthenticeerde aanvaller op afstand OS-commando's op het apparaat kan uitvoeren. Omada- ...
-
BleepingComputer
Sharepoint ToolShell attacks targeted orgs across four continents
Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunicati ...
-
Daily CyberSecurity
GitLab Patches High Runner Hijacking Flaw (CVE-2025-11702) and Multiple DoS Vulnerabilities
GitLab has released versions 18.5.1, 18.4.3, and 18.3.5 for both Community Edition (CE) and Enterprise Edition (EE) to address multiple vulnerabilities — including two high-severity flaws that could a ...
-
CybersecurityNews
ZYXEL Authorization Bypass Vulnerability Let Attackers View and Download System Configuration
A critical authorization bypass vulnerability has emerged in ZYXEL’s ATP and USG series network security appliances, allowing attackers to circumvent two-factor authentication protections and gain una ...
-
The Hacker News
TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution
Oct 22, 2025Ravie LakshmananVulnerability / Data Protection Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, inclu ...
-
The Cyber Express
Ransomware Attacks Escalate in APAC Targeting VPN Flaws, Microsoft 365 Logins, Python Scripts
The Asia-Pacific (APAC) region is seeing a rapid surge in number of cyberattacks aimed at its enterprises’, a new report suggests. According to Barracuda’s SOC Threat Radar report, threat actors are i ...
-
The Hacker News
TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution
Oct 22, 2025Ravie LakshmananVulnerability / Network Security TP-Link has released security updates to address four security flaws impacting Omada gateway devices, including two critical bugs that co ...