CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
Critical Adobe Commerce, Magento vulnerability under attack (CVE-2025-54236)
Attackers are trying to exploit CVE-2025-54236, a critical vulnerability affecting Adobe Commerce and Magento Open Source, Sansec researchers have warned. The company blocked over 250 exploitation att ...
-
cert.pl
Vulnerabilities in OpenSolution QuickCMS software
Vulnerabilities in OpenSolution QuickCMS software CVE ID CVE-2025-9980 Publication date 23 October 2025 Vendor OpenSolution Product QuickCMS Vulnerable versions 6.8 Vulnerability type (CWE) Improper N ...
-
cert.pl
Vulnerabilities in firmware of Vilar VS-IPC1002 IP cameras
Vulnerabilities in firmware of Vilar VS-IPC1002 IP cameras CVE ID CVE-2025-53701 Publication date 23 October 2025 Vendor Vilar Product VS-IPC1002 Vulnerable versions 1.1.0.18 Vulnerability type (CWE) ...
-
CybersecurityNews
Jira Software Vulnerability Let Attacker Modify Any Filesystem Path Writable By JVM process
Atlassian has disclosed a high-severity path traversal vulnerability in Jira Software Data Center and Server that enables authenticated attackers to arbitrarily write files to any path accessible by t ...
-
CybersecurityNews
TARmageddon Vulnerability In Rust Library Let Attackers Replace Config Files And Execute Remote Codes
A severe vulnerability in the async-tar Rust library and its popular forks, including the widely used tokio-tar. Dubbed TARmageddon and tracked as CVE-2025-62518, the bug carries a CVSS score of 8.1, ...
-
CybersecurityNews
Multiple Oracle VM VirtualBox Vulnerabilities Enables Complete Takeover Of VirtualBox
Oracle has disclosed multiple critical vulnerabilities in its Oracle VM VirtualBox virtualization software, potentially allowing attackers to achieve complete control over the VirtualBox environment. ...
-
security.nl
Adobe waarschuwt webwinkels voor actief misbruik van kritiek beveiligingslek
Adobe waarschuwt webwinkels die gebruikmaken van Adobe Commerce en Magento Open Source voor actief misbruik van een kritieke kwetsbaarheid. Via het beveiligingslek kunnen aanvallers volledige controle ...
-
CybersecurityNews
Multiple BIND 9 DNS Vulnerabilities Enable Cache Poisoning and Denial of Service Attacks
The Internet Systems Consortium (ISC) disclosed three high-severity vulnerabilities in BIND 9 on October 22, 2025, potentially allowing remote attackers to conduct cache poisoning attacks or cause den ...
-
The Hacker News
Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw
Oct 23, 2025Ravie LakshmananData Breach / Vulnerability E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe Co ...
-
The Hacker News
Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms
Oct 23, 2025Ravie LakshmananVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Motex Lanscope ...