Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 3 most recent headlines Filtered view

A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale

More from The Hacker News 3 Apr 2026, 8:30 a.m. Actively exploited CVE-2025-55182 API Amazon Amazon Web Services Breach CVE Cisco Credentials Database Exploit Github Infection SSH Theft Vulnerability

Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies

More from The Hacker News 21 Feb 2025, 8:38 p.m. Actively exploited CVE-2018-0171 America CVE China Cisco Confirmation Credentials Flaw Threat Actor Victims