Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

77 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 77 Filtered view

Threat actors are exploiting a critical FortiClient EMS flaw, tracked as CVE-2026-35616, to deploy malware on unpatched systems. Threat actors are exploiting a critical FortiClient EMS vulnerability, tracked as CVE-2026-35616 (CVSS score of 9.1), that allows remote code execution without authentication. Fortinet released fixes in April after confirming zero-day attacks in the wild and urged […]

More from Security Affairs 29 May 2026, 4:05 a.m. Incident · 10 stories Actively exploited CVE-2026-35616 0-Day Authentication CVE Critical Flaw Fortinet Malware Patch Remote Code Execution Theft Threat Actor Vulnerability

A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig

More from The Hacker News 10 Apr 2026, 7:37 p.m. Incident · 4 stories Actively exploited CVE-2026-39987 CVE Critical Disclosure Flaw Open Source Python Remote Code Execution Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation

More from The Hacker News 28 Mar 2026, 8:07 p.m. Actively exploited CVE-2025-53521 America CISA CVE Critical F5 Flaw Remote Code Execution Threat Actor Vulnerability

A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed at which threat actors weaponize newly published vulnerabilities

More from The Hacker News 21 Mar 2026, 4:15 a.m. Actively exploited CVE-2026-33017 API Authentication CVE Critical Disclosure Flaw Remote Code Execution Threat Actor Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks. [...]

More from Bleeping Computer 4 Mar 2026, 12:40 p.m. Actively exploited CVE-2026-22719 America CISA CVE Flaw Remote Code Execution VMware Virtualisation Vulnerability

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-21962 and CVE-2026-24061. [...]

More from Bleeping Computer 15 Feb 2026, 5:02 a.m. Actively exploited CVE-2026-21962 CVE-2026-24061 CVE Critical Mobile Remote Code Execution Threat Actor Vulnerability

Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already compromised over 30 organizations across multiple sectors. [...]

More from Bleeping Computer 7 Dec 2025, 8:07 a.m. Actively exploited CVE-2025-55182 Breach CVE Compromise Critical Exposure Flaw Remote Code Execution Research Vulnerability
Trend Micro Research, News and Perspectives 5 months, 4 weeks ago

Critical React Server Components Vulnerability CVE-2025-55182: What Security Teams Need to Know

CVE-2025-55182 is a critical (CVSS 10.0) pre-authentication remote code execution vulnerability affecting React Server Components used in React.js, Next.js, and related frameworks (see the context section for a more exhaustive list of affected frameworks).

More from Trend Micro Research, News and Perspectives 5 Dec 2025, 1:00 p.m. Actively exploited CVE-2025-55182 Authentication CVE Critical Framework Remote Code Execution Vulnerability

If at first you don’t succeed, patch and patch again More threat intel teams are sounding the alarm about a critical Windows Server Update Services (WSUS) remote code execution vulnerability, tracked as CVE-2025-59287 and now under active exploitation, just days after Microsoft pushed an emergency patch and the US Cybersecurity and Infrastructure Security Agency added the bug to its Known Exploited Vulnerabilities catalog.…

More from The Register 28 Oct 2025, 12:54 p.m. Actively exploited CVE-2025-59287 CVE Critical Google Intel Microsoft Patch Remote Code Execution Vulnerability
Trend Micro Research, News and Perspectives 7 months, 2 weeks ago

Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits

Trend™ Research has uncovered an attack campaign exploiting the Cisco SNMP vulnerability CVE-2025-20352, allowing remote code execution and rootkit deployment on unprotected devices, with impacts observed on Cisco 9400, 9300, and legacy 3750G series.

More from Trend Micro Research, News and Perspectives 15 Oct 2025, 1:00 p.m. Actively exploited CVE-2025-20352 CVE Cisco Exploit Remote Code Execution Research Rootkit Vulnerability

Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks. [...]

More from Bleeping Computer 6 Oct 2025, 2:37 p.m. Actively exploited CVE-2025-61882 0-Day CVE Critical Flaw Oracle Patch Remote Code Execution Theft Unauthenticated Vulnerability Warning