Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

3 headlines in this view

Showing 3 most recent headlines Filtered view

Dark Reading 2 weeks, 2 days ago

Microsoft Exchange Zero-Day Under Attack, No Patch Available

CVE-2026-42897 stems from a cross-site scripting (XSS) vulnerability and can allow an attacker to compromise Outlook Web Access (OWA) mailboxes.

More from Dark Reading 19 May 2026, 9:43 a.m. Incident · 4 stories Actively exploited CVE-2026-42897 0-Day CVE Compromise Microsoft Patch Vulnerability XSS

The Hacker News 2 weeks, 5 days ago

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild

More from The Hacker News 15 May 2026, 6:19 p.m. Incident · 4 stories Actively exploited CVE-2026-42897 CVE Disclosure Email Exchange Server Flaw Microsoft Spoofing Vulnerability XSS

The Hacker News 6 months ago

CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a security flaw impacting OpenPLC ScadaBR, citing evidence of active exploitation

More from The Hacker News 30 Nov 2025, 10:23 p.m. Actively exploited CVE-2021-26829 America CISA CVE Flaw Linux Microsoft Vulnerability XSS

Latest cybersecurity reporting from selected sources.

Refine the feed

Volume over time

Fresh headlines available

Microsoft Exchange Zero-Day Under Attack, No Patch Available

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV