Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

33 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 33 Filtered view

The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026

More from The Hacker News 15 May 2026, 5:28 p.m. Incident · 7 stories Actively exploited CVE-2026-20182 America Authentication Bypass CISA CVE Cisco Critical Disclosure Exploit Vulnerability

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge

More from The Hacker News 29 Apr 2026, 5:34 p.m. Incident · 3 stories Actively exploited CVE-2026-42208 CVE Critical Disclosure Flaw Python SQL Threat Actor Vulnerability

A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig

More from The Hacker News 10 Apr 2026, 7:37 p.m. Incident · 4 stories Actively exploited CVE-2026-39987 CVE Critical Disclosure Flaw Open Source Python Remote Code Execution Vulnerability

A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed at which threat actors weaponize newly published vulnerabilities

More from The Hacker News 21 Mar 2026, 4:15 a.m. Actively exploited CVE-2026-33017 API Authentication CVE Critical Disclosure Flaw Remote Code Execution Threat Actor Vulnerability

Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software

More from The Hacker News 19 Mar 2026, 5:00 a.m. Actively exploited CVE-2026-20131 0-Day Amazon CVE Cisco Critical Disclosure Exploit Firewalls Flaw Java Ransomware Root Unauthenticated Vulnerability Warning

Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying VShell and  The vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), allows attackers to execute operating system commands in the context of the

More from The Hacker News 21 Feb 2026, 4:45 a.m. Actively exploited CVE-2026-1731 CVE Critical Data Exfiltration Disclosure Flaw Threat Actor Vulnerability

CrowdStrike on Monday said it's attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful Spider (aka Cl0p), and that the first known exploitation occurred on August 9, 2025

More from The Hacker News 7 Oct 2025, 6:12 p.m. Actively exploited CVE-2025-61882 CVE Critical Crowdstrike Disclosure Exploit Flaw Oracle Threat Actor Vulnerability

A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks

More from The Hacker News 14 May 2025, 3:13 a.m. Actively exploited CVE-2025-31324 Advanced Persistent Threat Breach CVE China Critical Critical Infrastructure Disclosure Exploit Flaw Nation State Remote Code Execution Unauthenticated Vulnerability