Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

5 headlines in this view

Showing 5 most recent headlines Filtered view

Bank Info Security 5 months, 2 weeks ago

Nation-State and Cybercrime Exploits Tied to React2Shell

2 More Vulnerabilities Need Patching in React Server Components, Warns VercelMass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.

More from Bank Info Security 16 Dec 2025, 6:30 a.m. Actively exploited CVE-2025-55182 CVE China Cryptocurrency DoS Exploit Iran Malware Nation State North Korea Vulnerability Warning

The Hacker News 1 year, 11 months ago

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

Muhstik botnet exploits a critical Apache RocketMQ flaw (CVE-2023-33246) for remote code execution, targeting Linux servers and IoT devices for DDoS attacks and cryptocurrency mining

More from The Hacker News 7 Jun 2024, 1:14 a.m. Actively exploited CVE-2023-33246 Apache Botnet CVE Critical Cryptocurrency DoS Exploit Flaw Infection IoT Linux Malware Remote Code Execution

Trend Micro Research, News and Perspectives 2 years, 6 months ago

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner.

More from Trend Micro Research, News and Perspectives 20 Nov 2023, 1:00 p.m. Actively exploited CVE-2023-46604 Apache CVE Cryptocurrency Cryptominer Linux Malware Vulnerability

Bleeping Computer 2 years, 9 months ago

WinRAR zero-day exploited since April to hack trading accounts

A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency trading accounts. [...]

More from Bleeping Computer 24 Aug 2023, 1:53 a.m. Actively exploited CVE-2023-38831 0-Day Breach CVE Cryptocurrency Hacking Malware Vulnerability

Trend Micro Research, News and Perspectives 3 years, 8 months ago

Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware

Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for malicious cryptocurrency mining.

More from Trend Micro Research, News and Perspectives 21 Sep 2022, 12:00 p.m. Actively exploited CVE-2022-26134 CVE Cryptocurrency Exploit Malware Patch Vulnerability

Latest cybersecurity reporting from selected sources.

Refine the feed

Volume over time

Fresh headlines available

Nation-State and Cybercrime Exploits Tied to React2Shell

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

WinRAR zero-day exploited since April to hack trading accounts

Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware