CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882)
Resecurity and watchTowr researchers have analyzed the leaked scripts used by attackers to exploit CVE-2025-61882 on internet-facing Oracle ESB instances. Whether the attackers were Cl0p or LAPSUS$, b ... Read more
-
The Cyber Express
Attackers Deployed Medusa Ransomware via GoAnywhere MFT Zero-Day
Cybercriminals exploited a critical deserialization flaw in Fortra’s GoAnywhere Managed File Transfer (MFT) tool—tracked as CVE-2025-10035—to drop Medusa ransomware, Microsoft disclosed Monday. The ca ... Read more
-
CybersecurityNews
GoAnywhere 0-Day RCE Vulnerability Exploited in the Wild to Deploy Medusa Ransomware
A critical deserialization flaw in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035, has already been weaponized by the Storm-1175 group to execute the Medusa ransomware. The vulnerability ... Read more
-
security.nl
Redis dicht kritieke kwetsbaarheid die aanvaller code op server laat uitvoeren
De makers van Redis, een cachingoplossing die als databaseserver kan worden gebruikt of kan helpen om de prestaties van databases te verbeteren, hebben een kritieke kwetsbaarheid gepatcht waardoor aan ... Read more
-
CybersecurityNews
Kibana Crowdstrike Connector Vulnerability Exposes Protected Credentials
Elastic has released a security advisory detailing a medium-severity vulnerability in the Kibana CrowdStrike Connector that could allow for the exposure of sensitive credentials. The flaw, tracked as ... Read more
-
Kaspersky
The CVE-2025-59489 vulnerability in Unity, and how to fix it in games | Kaspersky official blog
In early October, Unity announced that game developers have a lot of work to do. The popular game engine, used for PC, console and mobile games, has a software vulnerability in it that requires all pu ... Read more
-
security.nl
FBI roept Oracle EBS-klanten op om noodpatch meteen te installeren
De FBI heeft organisaties die van Oracle E-Business Suite (EBS) gebruikmaken opgeroepen om een zaterdag uitgebrachte noodpatch meteen te installeren. "Dit is een "stop-wat-je-aan-het-doen-bent en patc ... Read more
-
The Hacker News
13-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
Oct 07, 2025Ravie LakshmananVulnerability / Cloud Security Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code executi ... Read more
-
The Hacker News
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Oct 07, 2025Ravie LakshmananVulnerability / Cloud Security Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere ... Read more
-
security.nl
Microsoft: kritiek GoAnywhere MFT-lek gebruikt bij ransomware-aanvallen
Een kritieke kwetsbaarheid in Fortra GoAnywhere MFT is gebruikt bij ransomware-aanvallen en op het moment van de aanvallen was er nog geen beveiligingsupdate voor het probleem beschikbaar. Dat laat Mi ... Read more