Yasna | Cybersecurity news, filtered

Security Affairs 1 week, 3 days ago

U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-9082 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Drupal issued a highly critical security patch on May […]

More from Security Affairs 24 May 2026, 7:54 p.m. Incident · 2 stories Actively exploited CVE-2026-9082 America CISA CVE Critical Exchange Server Flaw Microsoft Patch Vulnerability

Info Security Magazine 2 months, 1 week ago

CISA Orders US Government to Patch Maximum Severity Cisco Flaw

CISA added CVE-2026-20131 to its KEV catalog as it is being used in ransomware campaigns

More from Info Security Magazine 23 Mar 2026, 11:30 p.m. Actively exploited CVE-2026-20131 CISA CVE Cisco Flaw Government Patch Ransomware

Bleeping Computer 2 months, 2 weeks ago

CISA orders feds to patch max-severity Cisco flaw by Sunday

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity vulnerability, CVE-2026-20131, in Cisco Secure Firewall Management Center (FMC) by Sunday, March 22. [...]

More from Bleeping Computer 21 Mar 2026, 4:09 a.m. Actively exploited CVE-2026-20131 CISA CVE Cisco Firewalls Flaw Patch Vulnerability

The Hacker News 4 months, 1 week ago

CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild

More from The Hacker News 24 Jan 2026, 9:09 p.m. Actively exploited CVE-2024-37079 America CISA CVE Critical Flaw Patch VMware Virtualisation Vulnerability

Bleeping Computer 6 months, 1 week ago

CISA warns Oracle Identity Manager RCE flaw is being actively exploited

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in attacks, potentially as a zero-day. [...]

More from Bleeping Computer 22 Nov 2025, 12:50 p.m. Actively exploited CVE-2025-61757 0-Day America CISA CVE Flaw Government Oracle Patch Remote Code Execution Warning

Info Security Magazine 7 months ago

Actively Exploited WSUS Bug Added to CISA KEV List

Sysadmins are urged to patch WSUS vulnerability CVE-2025-59287 as soon as possible, with federal agencies required to update by November 14

More from Info Security Magazine 28 Oct 2025, 10:45 p.m. Actively exploited CVE-2025-59287 CISA CVE Patch Vulnerability

Bleeping Computer 10 months, 3 weeks ago

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch

The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes. [...]

More from Bleeping Computer 12 Jul 2025, 2:45 a.m. Actively exploited CVE-2025-5777 America CISA CVE Citrix Patch Vulnerability

Dark Reading 1 year ago

Researcher Says Patched Commvault Bug Still Exploitable

CISA added CVE-2025-34028 to its catalog of known exploited vulnerabilities, citing active attacks in the wild.

More from Dark Reading 7 May 2025, 9:24 a.m. Actively exploited CVE-2025-34028 CISA CVE Patch Vulnerability

Dark Reading 2 years, 1 month ago

Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns

Patch now: Cyberattackers are exploiting CVE-2023-7028 (CVSS 10) to take over and lock users out of GitLab accounts, steal source code, and more.

More from Dark Reading 4 May 2024, 4:19 a.m. Actively exploited CVE-2023-7028 CISA CVE Critical Exploit Patch Source Code Theft Warning

Dark Reading 2 years, 5 months ago

CISA: Threat Actor Breached Federal Systems via Adobe ColdFusion Flaw

Adobe patched CVE-2023-26360 in March amid active exploit activity targeting the flaw.

More from Dark Reading 7 Dec 2023, 11:26 a.m. Actively exploited CVE-2023-26360 Adobe Breach CISA CVE Exploit Flaw Patch Threat Actor

Dark Reading 2 years, 6 months ago

'CitrixBleed' Linked to Ransomware Hit on China's State-Owned Bank

Meanwhile, CISA joins the call to patch CVE-2023-4966 immediately amid reports of mass-exploit activity; at least 5,000 orgs remain exposed.

More from Dark Reading 11 Nov 2023, 7:59 a.m. Actively exploited CVE-2023-4966 Banking CISA CVE China Exploit Exposure Finance Patch Ransomware

Bleeping Computer 2 years, 10 months ago

CISA: Citrix RCE bug exploited to breach critical infrastructure org

Threat actors have breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week. [...]

More from Bleeping Computer 22 Jul 2023, 12:51 a.m. Actively exploited CVE-2023-3519 0-Day America Breach CISA CVE Critical Critical Infrastructure Patch Remote Code Execution Threat Actor Vulnerability

Latest cybersecurity reporting from selected sources.

Refine the feed

Volume over time

Fresh headlines available