Yasna | Cybersecurity news, filtered

Bleeping Computer 4 months ago

Russian hackers exploit recently patched Microsoft Office bug in attacks

Ukraine's Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office. [...]

More from Bleeping Computer 3 Feb 2026, 10:00 a.m. Actively exploited CVE-2026-21509 CVE Exploit Microsoft Microsoft Office Patch Russia Ukraine Vulnerability

Bank Info Security 9 months, 3 weeks ago

Russian Hackers Exploit WinRAR Zero-Day

RomCom Group Deployed SnipBot, RustyClaw and Mythic Agent VariantsA Russian speaking hacking group is exploiting a zero-day flaw in WinRAR, a sign of the group's growing sophistication and evolution from a cybercrime outfit into a cyberespionage operation. The campaign exploited a vulnerability now tracked as CVE-2025-8088, a path traversal vulnerability.

More from Bank Info Security 13 Aug 2025, 9:00 a.m. Actively exploited CVE-2025-8088 0-Day Advanced Persistent Threat CVE Exploit Flaw Hacking Russia Vulnerability

The Hacker News 1 year, 2 months ago

Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp

The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp

More from The Hacker News 1 Apr 2025, 5:41 a.m. Actively exploited CVE-2025-26633 0-Day CVE Exploit Hacking Microsoft Patch Russia Threat Actor Vulnerability

The Hacker News 1 year, 2 months ago

Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks

Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that it said has been exploited in the wild as part of attacks targeting organizations in Russia. The vulnerability, tracked as CVE-2025-2783, has been described as a case of "incorrect handle provided in unspecified circumstances in Mojo on Windows." Mojo refers to a

More from The Hacker News 26 Mar 2025, 5:56 p.m. Actively exploited CVE-2025-2783 0-Day CVE Chrome Exploit Flaw Google Microsoft Patch Russia Vulnerability

Trend Micro Research, News and Perspectives 1 year, 2 months ago

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin

Trend Research identified Russian threat actor Water Gamayun exploiting CVE-2025-26633, a zero-day vulnerability in the Microsoft Management Console that attackers exploit to execute malicious code and exfiltrate data.

More from Trend Micro Research, News and Perspectives 25 Mar 2025, 1:00 p.m. Actively exploited CVE-2025-26633 0-Day CVE Exploit Malicious Code Microsoft Research Russia Threat Actor Vulnerability

Dark Reading 2 years, 1 month ago

Russia's Fancy Bear Pummels Windows Print Spooler Bug

The infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE-2022-38028 in cyber-espionage attacks against targets in Ukraine, Western Europe, and North America.

More from Dark Reading 24 Apr 2024, 1:21 a.m. Actively exploited CVE-2022-38028 America CVE Europe Exploit Microsoft Russia Threat Actor Tools Ukraine

Dark Reading 2 years, 5 months ago

Russian Espionage Group Hammers Zero-Click Microsoft Outlook Bug

State-sponsored actors continue to exploit CVE-2023-23397, a dangerous no-interaction vulnerability in Microsoft's Outlook email client that was patched in March, in a widespread global campaign.

More from Dark Reading 9 Dec 2023, 4:00 a.m. Actively exploited CVE-2023-23397 CVE Email Exploit Microsoft Nation State Patch Russia Vulnerability Zero-Click

Info Security Magazine 2 years, 5 months ago

Russian APT28 Exploits Outlook Bug to Access Exchange

Notorious Russian APT28 group is actively exploiting CVE-2023-23397 to hijack Exchange email accounts

More from Info Security Magazine 5 Dec 2023, 11:40 p.m. Actively exploited CVE-2023-23397 CVE Email Exploit Russia

Bleeping Computer 2 years, 6 months ago

Russian hackers use Ngrok feature and WinRAR exploit to attack embassies

After Sandworm and APT28 (known as Fancy Bear), another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. [...]

More from Bleeping Computer 20 Nov 2023, 5:14 a.m. Actively exploited CVE-2023-38831 CVE Cyberattack Exploit Nation State Russia Sandworm Vulnerability

Bleeping Computer 3 years, 11 months ago

Russian hackers start targeting Ukraine with Follina exploits

Ukraine's Computer Emergency Response Team (CERT) is warning that the Russian hacking group Sandworm may be exploiting Follina, a remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool (MSDT) currently tracked as CVE-2022-30190. [...]

More from Bleeping Computer 14 Jun 2022, 2:28 a.m. Actively exploited CVE-2022-30190 CVE Exploit Hacking Microsoft Remote Code Execution Russia Sandworm Tools Ukraine Vulnerability Warning

Latest cybersecurity reporting from selected sources.

Refine the feed

Volume over time

Fresh headlines available