Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. [...]
A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet. [...]
The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. [...]
2 More Vulnerabilities Need Patching in React Server Components, Warns VercelMass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.
Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company. [...]
Backdoor malware Auto-Color targets Linux systems, exploiting SAP NetWeaver flaw CVE-2025-31324
CISA recommends immediate action to address malware variant RESURGE exploiting Ivanti vulnerability CVE-2025-0282
The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, which cyberattackers are using to plant malware.
Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577). [...]
Muhstik botnet exploits a critical Apache RocketMQ flaw (CVE-2023-33246) for remote code execution, targeting Linux servers and IoT devices for DDoS attacks and cryptocurrency mining
CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.
A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files. [...]
The notorious North Korean hacking group known as Lazarus continues to exploit CVE-2021-44228, aka "Log4Shell," this time to deploy three previously unseen malware families written in DLang. [...]
The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems. [...]
The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. [...]
Microsoft says that the North Korean Lazarus and Andariel hacking groups are exploiting the CVE-2023-42793 flaw in TeamCity servers to deploy backdoor malware, likely to conduct software supply chain attacks. [...]
Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install malware. [...]
Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for malicious cryptocurrency mining.
The XFiles info-stealer malware has added a delivery module that exploits CVE-2022-30190, aka Follina, for dropping the payload on target computers. [...]