CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
GitLab Security Update – Patch For Multiple Vulnerabilities That Enables DoS Attack
GitLab has released important security updates. The new versions are 18.4.2, 18.3.4, and 18.2.8 for both Community Edition (CE) and Enterprise Edition (EE). These updates fix several vulnerabilities t ... Read more
-
The Cyber Express
CISA Warns of Actively Exploited Zero-Day XSS Flaw in Zimbra Collaboration Suite
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued an urgent alert concerning an actively exploited zero-day vulnerability in the Zimbra Collaboration Suite (ZCS). The flaw, ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
The Hacker News
Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme
Oct 09, 2025Ravie LakshmananVulnerability / Website Security Threat actors are actively exploiting a critical security flaw impacting the Service Finder WordPress theme that makes it possible to gai ... Read more
-
The Cyber Express
The Power of Two: Why MFA Matters More Than Ever
In a world where passwords are stolen, phished, or guessed every second, multifactor authentication (MFA) has quietly become one of the most effective shields against cyberattacks. Whether you call it ... Read more
-
Huntress
Active Exploitation of Gladinet CentreStack and Triofox Local File Inclusion Flaw
TL;DR: Huntress has discovered in-the-wild exploitation of an unauthenticated Local File Inclusion flaw (CVE-2025-11371) in Gladinet CentreStack and Triofox products. While there is not yet a patch fo ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
seclists.org
CVE-2025-59397 - Open Web Analytics SQL Injection
Full Disclosure mailing list archives From: Seralys Research Team via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 8 Oct 2025 12:19:56 +0000 Seralys Security Advisory | https://www.seral ... Read more
-
Daily CyberSecurity
GitHub Adds Sign in with Apple for Seamless Login and Anonymous Email Protection
The code-hosting platform GitHub recently introduced Google account sign-in, allowing users to log in swiftly using their Google credentials. This feature is particularly convenient for Chrome users, ... Read more
-
Daily CyberSecurity
1Password Launches Secure Agentic Autofill with Human-in-the-Loop to Protect Credentials from AI Agents
Major AI platforms are increasingly developing browser-based intelligent agents capable of performing tasks such as browsing the web, booking tickets, and even creating music playlists. However, this ... Read more