Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

8 headlines in this view

Showing 8 most recent headlines Filtered view

The Hacker News 2 weeks, 5 days ago

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026

More from The Hacker News 15 May 2026, 5:28 p.m. Incident · 7 stories Actively exploited CVE-2026-20182 America Authentication Bypass CISA CVE Cisco Critical Disclosure Exploit Vulnerability

The Hacker News 1 month ago

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild

More from The Hacker News 3 May 2026, 6:26 p.m. Incident · 7 stories Actively exploited CVE-2026-31431 America CISA CVE Disclosure Flaw Linux Privilege Escalation Root Vulnerability

The Hacker News 1 month, 2 weeks ago

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA)

More from The Hacker News 17 Apr 2026, 3:22 p.m. Incident · 5 stories Actively exploited CVE-2026-34197 America Apache CISA CVE Disclosure Flaw Vulnerability

The Hacker News 2 months, 4 weeks ago

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild

More from The Hacker News 4 Mar 2026, 5:35 p.m. Actively exploited CVE-2026-22719 America CISA CVE Disclosure Flaw VMware Virtualisation Vulnerability

The Hacker News 3 months, 1 week ago

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vulnerability in FileZen to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation

More from The Hacker News 25 Feb 2026, 6:23 p.m. Actively exploited CVE-2026-25108 America CISA CVE Confirmation Disclosure Vulnerability

The Hacker News 1 year ago

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a maximum-severity security flaw impacting Commvault Command Center to its Known Exploited Vulnerabilities (KEV) catalog, a little over a week after it was publicly disclosed

More from The Hacker News 6 May 2025, 4:01 a.m. Actively exploited CVE-2025-34028 America CISA CVE Disclosure Flaw Vulnerability

The Hacker News 1 year, 1 month ago

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild

More from The Hacker News 18 Apr 2025, 4:29 p.m. Actively exploited CVE-2025-24054 America CISA CVE Credentials Disclosure Flaw Microsoft NTLM Vulnerability

The Hacker News 4 years, 1 month ago

CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added the recently disclosed remote code execution (RCE) vulnerability affecting the Spring Framework, to its Known Exploited Vulnerabilities Catalog based on "evidence of active exploitation." The critical severity flaw, assigned the identifier CVE-2022-22965 (CVSS score: 9.8) and dubbed "Spring4Shell", impacts Spring

More from The Hacker News 5 Apr 2022, 7:31 p.m. Actively exploited CVE-2022-22965 America CISA CVE Critical Disclosure Flaw Framework Remote Code Execution Vulnerability Warning