CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical Cherry Studio Flaw CVE-2025-61929 (CVSS 9.7) Allows One-Click RCE via Custom URL Protocol
A critical security flaw has been discovered in Cherry Studio, a cross-platform desktop client that supports multiple large language model (LLM) providers. Tracked as CVE-2025-61929 and rated CVSS 9.7 ...
-
Daily CyberSecurity
Critical Auth Bypass (CVE-2025-61928) in Better Auth Allows Hackers to Steal User API Keys
A critical authentication bypass vulnerability has been discovered in Better Auth, a popular framework-agnostic authentication and authorization library for TypeScript, used by developers to add secur ...
-
Daily CyberSecurity
Axis Communications Leaks Azure Credentials in Autodesk Plugin Via Hardcoded SAS Tokens
Trend Micro’s Threat Research team has uncovered a serious cloud credential exposure involving Axis Communications, a leading provider of network surveillance and security devices. The issue originate ...
-
Daily CyberSecurity
Massive RDP Botnet Unleashed: 100,000+ IPs in Coordinated Global Scanning Campaign Targeting US
GreyNoise Intelligence has issued an alert about a massive coordinated botnet operation targeting Remote Desktop Protocol (RDP) services across the United States. Since October 8, 2025, researchers ha ...
-
Daily CyberSecurity
Akira Ransomware Revives SonicWall Flaw CVE-2024-40766, Uses ‘UnPAC the Hash’ to Breach Networks
Image: Fortinet Between July and August 2025, global security teams have observed a resurgence in Akira ransomware incidents targeting organizations through SonicWall SSL VPN appliances, marking a ren ...
-
Daily CyberSecurity
Apple Ups Bounty to $5 Million for Zero-Click Spyware Exploits Bypassing Lockdown Mode
Apple has announced a major overhaul of its Security Bounty vulnerability reward program, set to take effect this November, with a substantial increase in payout ceilings—making it one of the most luc ...
-
Daily CyberSecurity
CVE-2025-61927 (CVSS 9.4): Critical RCE Flaw Discovered in Happy DOM, Over 2.7 Million Weekly Downloads Impacted
A critical-severity vulnerability has been disclosed in Happy DOM, a popular JavaScript package used to emulate web browsers for testing, scraping, and server-side rendering (SSR). Tracked as CVE-2025 ...
-
The Hacker News
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login
Oct 12, 2025Ravie LakshmananVulnerability / Threat Intelligence Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow un ...
-
TheCyberThrone
Critical Vulnerability CVE-2025-61884 Found in Oracle E-Business Suite
October 12, 2025Oracle E-Business Suite (EBS) — a cornerstone ERP platform for countless enterprises across the globe — faces a critical security vulnerability that demands immediate attention. Identi ...
-
CybersecurityNews
Cybersecurity Newsletter Weekly – Discord, Red Hat Data Breach, 7-Zip Vulnerabilities and Sonicwall Firewall Hack
Welcome to this week’s edition of the Cybersecurity Newsletter Weekly, where we dive into the most pressing threats and vulnerabilities shaping the digital landscape. As cyber risks continue to evolve ...