CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical Apache OFBiz Flaw (CVE-2025-59118) Allows Remote Command Execution via Unrestricted File Upload
The Apache Software Foundation (ASF) has released an important security update for Apache OFBiz, its open-source enterprise resource planning (ERP) platform, addressing two newly disclosed vulnerabili ... Read more
-
Daily CyberSecurity
November Patch Tuesday: Microsoft Fixes 68 Flaws, Including Kernel Zero-Day Under Active Exploitation
Microsoft has released its November 2025 Patch Tuesday, addressing a total of 68 vulnerabilities, including a high-priority zero-day flaw already being actively exploited in the wild. This critical up ... Read more
-
TheCyberThrone
Microsoft Patch Tuesday November 2025
November 12, 2025November 11, 2025 marked another important Patch Tuesday from Microsoft, releasing security updates that address 63 vulnerabilities impacting a wide range of Microsoft products. This ... Read more
-
Daily CyberSecurity
Critical Authentication Bypass Vulnerability Found in Milvus Proxy (CVE-2025-64513, CVSS 9.3)
Milvus, a leading open-source vector database that powers AI and large-scale search applications, has disclosed a critical authentication bypass vulnerability in its Proxy component. Tracked as CVE-20 ... Read more
-
Daily CyberSecurity
Rockwell Automation Fixes Critical Privilege Escalation Flaw in Verve Asset Manager (CVE-2025-11862, CVSS 9.9)
Rockwell Automation has released a critical security advisory addressing a severe privilege escalation vulnerability (CVE-2025-11862, CVSS 9.9) discovered in its Verve Asset Manager platform — a unifi ... Read more
-
Daily CyberSecurity
New Android Rule: Google to Flag Battery-Draining Apps on Play Store Listings
Google has recently introduced a new “Excessive Wake Lock” metric for Android app developers. If an application exceeds the threshold set by Google, the Google Play Store will display a red warning ba ... Read more
-
Daily CyberSecurity
AI Boom Creates 2-Year HDD Backlog, Forcing Shift to QLC SSDs and Price Hikes
Fueled by the explosive growth of the artificial intelligence industry, demand for GPUs and other computing hardware has surged dramatically — and with it, the demand for memory. Western Digital’s aff ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
CrowdStrike.com
CrowdStrike Named Overall Leader in 2025 KuppingerCole ITDR Leadership Compass
KuppingerCole recognizes CrowdStrike as the Overall Leader, achieving the top position in every evaluated category in its 2025 identity security report. CrowdStrike has been named the Overall Leader i ... Read more
-
BleepingComputer
Synology fixes BeeStation zero-days demoed at Pwn2Own Ireland
Synology has addressed a critical-severity remote code execution (RCE) vulnerability in BeeStation products that was demonstrated at the recent Pwn2Own hacking competition. The security issue (CVE-202 ... Read more