CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
CISA Adds Grafana CVE-2021-43798 to KEV
October 10, 2025The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included Grafana CVE-2021-43798 in its Known Exploited Vulnerabilities (KEV) catalog in October 2025, signalling to ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
Daily CyberSecurity
MediaTek Issues October 2025 Security Bulletin Addressing Multiple High-Severity Vulnerabilities Across Wi-Fi and GNSS Chipsets
MediaTek has released its October 2025 Product Security Bulletin, disclosing a set of high- and medium-severity vulnerabilities affecting a wide range of its Wi-Fi (WLAN) and GNSS (Global Navigation S ... Read more
-
Daily CyberSecurity
ClickFix Phishing: New Automated Kits Trick Users Into Manually Running Malware and Stealers
Researchers from Palo Alto Networks Unit 42 have discovered a new phishing trend where attackers trick victims into manually executing malware on their own devices. The report exposes a commoditized p ... Read more
-
Daily CyberSecurity
TP-Link Router Flaw CVE-2023-28760 Allows Root RCE via LAN, PoC Available
Security researcher Rocco Calvi detailed a critical flaw in the TP-Link AX1800 WiFi 6 Router (Archer AX21/AX20) that allows attackers on the local network to achieve remote code execution (RCE) as the ... Read more
-
The Register
RondoDox botnet fires 'exploit shotgun' at nearly every router and internet-connected home device
A new RondoDox botnet campaign uses an "exploit shotgun" - fire at everything, see what hits - to target 56 vulnerabilities across at least 30 different vendors' routers, DVRs, CCTV systems, web serve ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
CybersecurityNews
Hackers Actively Exploiting WordPress Plugin Vulnerability to Gain Admin Access
Over the past two months, threat actors have weaponized a critical authentication bypass flaw in the Service Finder Bookings WordPress plugin, enabling them to hijack any account on compromised sites. ... Read more
-
BleepingComputer
Hackers now use Velociraptor DFIR tool in ransomware attacks
Threat actors have started to use the Velociraptor digital forensics and incident response (DFIR) tool in attacks that deploy LockBit and Babuk ransomware. Cisco Talos researchers assess with medium c ... Read more
-
The Register
Crims had 3-month head start on defenders in Oracle EBS invasion
The raid on Oracle E-Business Suite (EBS) likely began as early as July - about three months before any public detections - with extortionists compromising "dozens" of organizations, a Google investig ... Read more