CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
AttackIQ
Response to Oracle Security Alert Advisory: Oracle E-Business Suite Pre-Auth RCE (CVE-2025-61882)
On October 4, 2025, Oracle published a Security Alert Advisory addressing the CVE-2025-61882 vulnerability in Oracle E-Business Suite (EBS). This vulnerability allows unauthenticated attackers to exec ... Read more
-
BleepingComputer
RondoDox botnet targets 56 n-day flaws in worldwide attacks
A new large-scale botnet called RondoDox is targeting 56 vulnerabilities in more than 30 distinct devices, including flaws first disclosed during Pwn2Own hacking competitions. The attacker focuses on ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
Help Net Security
Legit tools, illicit uses: Velociraptor, Nezha turned against victims
Threat actors are using an increasing variety of commercial and open-source products to carry out their attacks: according to researchers, Velociraptor and Nezha are the latest additions to their atta ... Read more
-
security.nl
Google: Oracle EBS-lek gebruikt voor grootschalige afpersingscampagne
Een kritieke kwetsbaarheid in Oracle E-Business Suite (EBS) is sinds 9 augustus misbruikt voor een grootschalige afpersingscampagne door criminelen, zo laat Google in een analyse weten. Oracle kwam op ... Read more
-
Google Cloud
Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign
Written by: Peter Ukhanov, Genevieve Stark, Zander Work, Ashley Pearson, Josh Murchie, Austin Larsen Introduction Beginning Sept. 29, 2025, Google Threat Intelligence Group (GTIG) and Mandiant began t ... Read more
-
CybersecurityNews
Hackers Exploit DFIR Tool ‘Velociraptor’ in Ransomware Attacks
Security researchers at Cisco Talos have confirmed that ransomware operators are actively exploiting Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in their attacks. ... Read more
-
TheCyberThrone
GitLab’s Latest DoS Vulnerability CVE-2025-10004
October 9, 2025GitLab, a leading DevOps platform, recently patched a critical Denial of Service (DoS) vulnerability discovered in October 2025. This security flaw, tracked as CVE-2025-10004, exposes G ... Read more
-
The Hacker News
ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More
Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven manipulation, and cloud exploitation to breach targets once considered secure. From communication platf ... Read more
-
BleepingComputer
Hacktivists target critical infrastructure, hit decoy plant
A pro-Russian hacktivist group called TwoNet pivoted in less than a year from launching distributed denial-of-service (DDoS) attacks to targeting critical infrastructure. Recently, the threat actor cl ... Read more