Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

5 headlines in this view

Showing 5 most recent headlines Filtered view

The Hacker News 1 year ago

Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware

A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, including a cryptocurrency miner, a loader dubbed Mimo Loader, and residential proxyware

More from The Hacker News 28 May 2025, 11:00 p.m. Actively exploited CVE-2025-32432 CVE Cryptocurrency Cryptominer Disclosure Exploit Flaw Patch Remote Code Execution Threat Actor Vulnerability

Bleeping Computer 1 year, 4 months ago

Hackers exploit critical Aviatrix Controller RCE flaw in attacks

Threat actors are exploiting a critical remote command execution vulnerability, tracked as CVE-2024-50603, in Aviatrix Controller instances to install backdoors and crypto miners. [...]

More from Bleeping Computer 14 Jan 2025, 6:57 a.m. Actively exploited CVE-2024-50603 CVE Critical Cryptocurrency Cryptominer Exploit Flaw Remote Code Execution Threat Actor Vulnerability

Dark Reading 1 year, 9 months ago

Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking

Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted cloud environments into cryptomining networks.

More from Dark Reading 29 Aug 2024, 6:03 a.m. Actively exploited CVE-2023-22527 Attack Vector CVE Cloud Critical Cryptocurrency Exploit Flaw Remote Code Execution

The Hacker News 1 year, 11 months ago

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

Muhstik botnet exploits a critical Apache RocketMQ flaw (CVE-2023-33246) for remote code execution, targeting Linux servers and IoT devices for DDoS attacks and cryptocurrency mining

More from The Hacker News 7 Jun 2024, 1:14 a.m. Actively exploited CVE-2023-33246 Apache Botnet CVE Critical Cryptocurrency DoS Exploit Flaw Infection IoT Linux Malware Remote Code Execution

Trend Micro Research, News and Perspectives 4 years, 1 month ago

Spring4Shell Vulnerability CVE-2022-22965 Exploited to Deploy Cryptocurrency Miners

Recently, we observed the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — being actively exploited by malicious actors to deploy cryptocurrency miners.

More from Trend Micro Research, News and Perspectives 20 Apr 2022, 12:00 p.m. Actively exploited CVE-2022-22965 CVE Cryptocurrency Remote Code Execution Vulnerability

Latest cybersecurity reporting from selected sources.

Refine the feed

Volume over time

Fresh headlines available

Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware

Hackers exploit critical Aviatrix Controller RCE flaw in attacks

Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

Spring4Shell Vulnerability CVE-2022-22965 Exploited to Deploy Cryptocurrency Miners