Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

7 headlines in this view

Showing 7 most recent headlines Filtered view

Info Security Magazine 2 years, 6 months ago

Flaw in Apache ActiveMQ Exposes Linux Systems to Kinsing Malware

Identified as CVE-2023-46604, the vulnerability has a CVSS score of 9.8

More from Info Security Magazine 23 Nov 2023, 6:00 a.m. Actively exploited CVE-2023-46604 Apache CVE Flaw Linux Malware Vulnerability

Dark Reading 2 years, 6 months ago

Exploit for Critical Windows Defender Bypass Goes Public

Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November.

More from Dark Reading 22 Nov 2023, 10:29 a.m. Actively exploited CVE-2023-36025 0-Day Bypass CVE Critical Exploit Microsoft Patch Threat Actor Vulnerability

Bleeping Computer 2 years, 6 months ago

Citrix warns admins to kill NetScaler user sessions to block hackers

Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed' vulnerability to secure vulnerable devices against attacks. [...]

More from Bleeping Computer 22 Nov 2023, 5:36 a.m. Actively exploited CVE-2023-4966 CVE Citrix Vulnerability Warning

Dark Reading 2 years, 6 months ago

Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw

Threat actors were actively exploiting CVE-2023-36025 before Microsoft patched it in November.

More from Dark Reading 21 Nov 2023, 1:00 p.m. Actively exploited CVE-2023-36025 CVE Critical Exploit Flaw Microsoft Patch Threat Actor

Bleeping Computer 2 years, 6 months ago

Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits

The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems. [...]

More from Bleeping Computer 21 Nov 2023, 5:54 a.m. Actively exploited CVE-2023-46604 Apache CVE Compromise Critical Exploit Linux Malware Open Source Remote Code Execution Vulnerability

Trend Micro Research, News and Perspectives 2 years, 6 months ago

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner.

More from Trend Micro Research, News and Perspectives 20 Nov 2023, 1:00 p.m. Actively exploited CVE-2023-46604 Apache CVE Cryptocurrency Cryptominer Linux Malware Vulnerability

Bleeping Computer 2 years, 6 months ago

Russian hackers use Ngrok feature and WinRAR exploit to attack embassies

After Sandworm and APT28 (known as Fancy Bear), another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. [...]

More from Bleeping Computer 20 Nov 2023, 5:14 a.m. Actively exploited CVE-2023-38831 CVE Cyberattack Exploit Nation State Russia Sandworm Vulnerability

Latest cybersecurity reporting from selected sources.

Refine the feed

Fresh headlines available

Flaw in Apache ActiveMQ Exposes Linux Systems to Kinsing Malware

Exploit for Critical Windows Defender Bypass Goes Public

Citrix warns admins to kill NetScaler user sessions to block hackers

Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw

Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

Russian hackers use Ngrok feature and WinRAR exploit to attack embassies