CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
The Hacker News
Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme
Oct 09, 2025Ravie LakshmananVulnerability / Website Security Threat actors are actively exploiting a critical security flaw impacting the Service Finder WordPress theme that makes it possible to gai ... Read more
-
The Cyber Express
The Power of Two: Why MFA Matters More Than Ever
In a world where passwords are stolen, phished, or guessed every second, multifactor authentication (MFA) has quietly become one of the most effective shields against cyberattacks. Whether you call it ... Read more
-
Huntress
Active Exploitation of Gladinet CentreStack and Triofox Local File Inclusion Flaw
TL;DR: Huntress has discovered in-the-wild exploitation of an unauthenticated Local File Inclusion flaw (CVE-2025-11371) in Gladinet CentreStack and Triofox products. While there is not yet a patch fo ... Read more
-
CrowdStrike.com
CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)
CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability — now tracked as CVE-2025-61882 — targeting Oracle E-Business Suite (EBS) applications f ... Read more
-
seclists.org
CVE-2025-59397 - Open Web Analytics SQL Injection
Full Disclosure mailing list archives From: Seralys Research Team via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 8 Oct 2025 12:19:56 +0000 Seralys Security Advisory | https://www.seral ... Read more
-
Daily CyberSecurity
GitHub Adds Sign in with Apple for Seamless Login and Anonymous Email Protection
The code-hosting platform GitHub recently introduced Google account sign-in, allowing users to log in swiftly using their Google credentials. This feature is particularly convenient for Chrome users, ... Read more
-
Daily CyberSecurity
1Password Launches Secure Agentic Autofill with Human-in-the-Loop to Protect Credentials from AI Agents
Major AI platforms are increasingly developing browser-based intelligent agents capable of performing tasks such as browsing the web, booking tickets, and even creating music playlists. However, this ... Read more
-
Daily CyberSecurity
Critical Flowise RCE Flaw: CVE-2025-61913 (CVSS 10.0) Allows Arbitrary File Write
The maintainers of Flowise, an open-source generative AI development platform for building AI agents and LLM workflows, have released an urgent security update addressing a critical vulnerability (CVE ... Read more
-
Daily CyberSecurity
IBM Partners with Anthropic to Embed Claude AI in New Development Tools, Reporting 45% Productivity Boost
IBM recently announced a strategic partnership with Anthropic, aiming to deeply integrate Anthropic’s Claude generative AI models into IBM’s software products and development platforms. The collaborat ... Read more