Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

7 headlines in this view

Showing 7 most recent headlines Filtered view

The Hacker News 2 weeks, 5 days ago

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026

More from The Hacker News 15 May 2026, 5:28 p.m. Incident · 7 stories Actively exploited CVE-2026-20182 America Authentication Bypass CISA CVE Cisco Critical Disclosure Exploit Vulnerability

Bleeping Computer 10 months ago

Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware

Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company. [...]

More from Bleeping Computer 30 Jul 2025, 4:10 a.m. Actively exploited CVE-2025-31324 America CVE Critical Cyberattack Exploit Linux Malware Vulnerability

The Hacker News 10 months, 1 week ago

CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation

More from The Hacker News 23 Jul 2025, 4:40 p.m. Actively exploited CVE-2025-49704 CVE-2025-49706 America CISA CVE China Exploit Flaw Microsoft Vulnerability

The Hacker News 10 months, 3 weeks ago

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Citrix NetScaler ADC and Gateway to its Known Exploited Vulnerabilities (KEV) catalog, officially confirming the vulnerability has been weaponized in the wild

More from The Hacker News 11 Jul 2025, 4:25 p.m. Actively exploited CVE-2025-5777 America CISA CVE Citrix Critical Exploit Flaw Vulnerability

The Hacker News 11 months, 2 weeks ago

TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw in TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2023-33538 (CVSS score: 8.8), a command injection bug that could result in the execution of arbitrary system commands when

More from The Hacker News 17 Jun 2025, 8:12 p.m. Actively exploited CVE-2023-33538 America CISA CVE Exploit Flaw Routers Vulnerability Wireless

Dark Reading 2 years, 1 month ago

Russia's Fancy Bear Pummels Windows Print Spooler Bug

The infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE-2022-38028 in cyber-espionage attacks against targets in Ukraine, Western Europe, and North America.

More from Dark Reading 24 Apr 2024, 1:21 a.m. Actively exploited CVE-2022-38028 America CVE Europe Exploit Microsoft Russia Threat Actor Tools Ukraine

Bleeping Computer 2 years, 5 months ago

Hackers breach US govt agencies using Adobe ColdFusion exploit

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers. [...]

More from Bleeping Computer 6 Dec 2023, 6:07 a.m. Actively exploited CVE-2023-26360 Adobe America Breach CISA CVE Critical Exploit Government Initial Access Vulnerability Warning