CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Microsoft Patches Edge IE Mode After Hackers Exploited Chakra Zero-Day for Device Takeover
After discovering that hackers were exploiting a zero-day vulnerability in the Chakra JavaScript engine used by Internet Explorer versions 9, 10, and 11, Microsoft has taken swift action to modify the ... Read more
-
Daily CyberSecurity
Critical Supply Chain Flaw: Clevo UEFI Firmware Leaked Intel Boot Guard Private Keys (CVE-2025-11577)
The CERT Coordination Center (CERT/CC) has issued a warning regarding a critical supply chain vulnerability — CVE-2025-11577 — after researchers discovered that Clevo’s UEFI firmware update packages a ... Read more
-
Daily CyberSecurity
Critical Elastic Cloud Flaw: CVE-2025-37729 (CVSS 9.1) Allows RCE via Jinjava Template Injection
Elastic has released urgent security updates for Elastic Cloud Enterprise (ECE) to patch a critical vulnerability (CVE-2025-37729) that could allow attackers with administrative access to exfiltrate s ... Read more
-
Daily CyberSecurity
RMPocalypse Flaw (CVE-2025-0033) Bypasses AMD SEV-SNP to Fully Compromise Encrypted VMs
A research team from ETH Zurich has disclosed a critical vulnerability — CVE-2025-0033, dubbed RMPocalypse — that undermines AMD’s confidential computing technology across its Zen 3, Zen 4, and Zen 5 ... Read more
-
Daily CyberSecurity
Stealth C2: Hackers Abuse Discord Webhooks for Covert Data Exfiltration in npm, PyPI, and RubyGems Supply Chain Attacks
The Socket Threat Research Team has uncovered a growing trend among malicious package developers: leveraging Discord webhooks as command-and-control (C2) endpoints to exfiltrate sensitive data from de ... Read more
-
Daily CyberSecurity
iPhone Fold Hinge Costs Drop to $70-$80, Boosting Viability for Mass Production in 2026
The long-rumored foldable iPhone — tentatively referred to as the iPhone Fold — has yet to be officially announced, but numerous reports have already surfaced detailing its production logistics and co ... Read more
-
Ars Technica
Hackers can steal 2FA codes and private messages from Android phones
STEALING CODES ONE PIXEL AT A TIME Malicious app required to make "Pixnapping" attack work requires no permissions. Samsung's S25 phones. Credit: Samsung Android devices are vulnerable to a new attack ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
The Cyber Express
Oracle Patches New E-Business Suite Flaw as CL0P Claims Harvard as Victim
Oracle rushed out a patch over the weekend for a new E-Business Suite vulnerability that can be exploited remotely without authentication. The vulnerability – CVE-2025-61884 – carries a 7.5 high-sever ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more