Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

9 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 9 most recent headlines Filtered view

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation

More from The Hacker News 28 Mar 2026, 8:07 p.m. Actively exploited CVE-2025-53521 America CISA CVE Critical F5 Flaw Remote Code Execution Threat Actor Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks. [...]

More from Bleeping Computer 4 Mar 2026, 12:40 p.m. Actively exploited CVE-2026-22719 America CISA CVE Flaw Remote Code Execution VMware Virtualisation Vulnerability

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in attacks, potentially as a zero-day. [...]

More from Bleeping Computer 22 Nov 2025, 12:50 p.m. Actively exploited CVE-2025-61757 0-Day America CISA CVE Flaw Government Oracle Patch Remote Code Execution Warning

The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week. [...]

More from Bleeping Computer 22 Jul 2023, 12:51 a.m. Actively exploited CVE-2023-3519 0-Day America Breach CVE Critical Critical Infrastructure Government Patch Remote Code Execution Threat Actor Vulnerability Warning

Threat actors have breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week. [...]

More from Bleeping Computer 22 Jul 2023, 12:51 a.m. Actively exploited CVE-2023-3519 0-Day America Breach CISA CVE Critical Critical Infrastructure Patch Remote Code Execution Threat Actor Vulnerability
Bleeping Computer 3 years, 3 months ago

CISA warns of hackers exploiting ZK Java Framework RCE flaw

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added CVE-2022-36537 to its "Known Exploited Vulnerabilities Catalog" after threat actors began actively exploiting the remote code execution (RCE) flaw in attacks. [...]

More from Bleeping Computer 1 Mar 2023, 10:37 a.m. Actively exploited CVE-2022-36537 America CISA CVE Flaw Framework Java Remote Code Execution Threat Actor Vulnerability Warning

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added the recently disclosed remote code execution (RCE) vulnerability affecting the Spring Framework, to its Known Exploited Vulnerabilities Catalog based on "evidence of active exploitation." The critical severity flaw, assigned the identifier CVE-2022-22965 (CVSS score: 9.8) and dubbed "Spring4Shell", impacts Spring

More from The Hacker News 5 Apr 2022, 7:31 p.m. Actively exploited CVE-2022-22965 America CISA CVE Critical Disclosure Flaw Framework Remote Code Execution Vulnerability Warning