Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

8 headlines in this view

Showing 8 most recent headlines Filtered view

The Hacker News 8 months, 3 weeks ago

New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit

Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems using a now-patched vulnerability disclosed earlier this year

More from The Hacker News 12 Sep 2025, 11:50 p.m. CVE-2024-7344 Antivirus Bypass CVE Disclosure Exploit Firmware Malware Patch Ransomware Research Vulnerability

The Hacker News 11 months, 2 weeks ago

Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor

A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper

More from The Hacker News 18 Jun 2025, 7:16 a.m. Actively exploited CVE-2025-2783 0-Day Antivirus Backdoor CVE Chrome Flaw Google Kaspersky Patch Sandbox Threat Actor Vulnerability

Trend Micro Research, News and Perspectives 2 years, 3 months ago

CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day

The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.

More from Trend Micro Research, News and Perspectives 13 Feb 2024, 1:00 p.m. Actively exploited CVE-2024-21412 0-Day Advanced Persistent Threat Antivirus CVE Disclosure Finance Microsoft Patch Trend Micro Vulnerability

Bleeping Computer 2 years, 4 months ago

Windows SmartScreen flaw exploited to drop Phemedrone malware

A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files. [...]

More from Bleeping Computer 16 Jan 2024, 7:32 a.m. Actively exploited CVE-2023-36025 Antivirus Bypass CVE Exploit Flaw Malware Microsoft Theft Vulnerability

Trend Micro Research, News and Perspectives 3 years, 8 months ago

A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities

This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints.

More from Trend Micro Research, News and Perspectives 14 Sep 2022, 12:00 p.m. Actively exploited CVE-2020-14882 Abuse Antivirus Blocked CVE Cloud Trend Micro Vulnerability

Dark Reading 3 years, 9 months ago

High-Severity Bug in Kaspersky VPN Client Opens Door to PC Takeover

The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.

More from Dark Reading 5 Aug 2022, 6:35 a.m. CVE-2022-27535 Antivirus CVE Kaspersky VPN Vulnerability

The Register 3 years, 10 months ago

Windows Network File System flaw results in arbitrary code execution as SYSTEM

Follina was all very exciting, but did you patch CVE-2022-30136? Trend Micro Research has published an anatomy of a Windows remote code execution vulnerability lurking in the Network File System.…

More from The Register 16 Jul 2022, 2:15 a.m. CVE-2022-30136 Antivirus CVE Flaw Microsoft Patch Remote Code Execution Research Trend Micro Vulnerability

Trend Micro Research, News and Perspectives 4 years, 1 month ago

Detecting Exploitation of Local Vulnerabilities Through Trend Micro Vision One™ and Cloud One™

We provide a guide to detecting Dirty Pipe, a Linux kernel vulnerability tracked as CVE-2022-0847. 

More from Trend Micro Research, News and Perspectives 6 Apr 2022, 12:00 p.m. Actively exploited CVE-2022-0847 Antivirus CVE Cloud Linux Trend Micro Vulnerability