Yasna | Cybersecurity news, filtered

The Hacker News 1 month ago

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild

More from The Hacker News 28 Apr 2026, 5:50 p.m. Actively exploited CVE-2026-32202 CVE Confirmation Flaw Microsoft Patch Patch Tuesday Sensitive Information Spoofing Vulnerability

The Hacker News 3 months ago

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited

Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices has been exploited in the wild

More from The Hacker News 3 Mar 2026, 8:08 p.m. Actively exploited CVE-2026-21385 Aerospace Android CVE Confirmation Disclosure Flaw Google Open Source Vulnerability

The Hacker News 3 months, 1 week ago

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vulnerability in FileZen to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation

More from The Hacker News 25 Feb 2026, 6:23 p.m. Actively exploited CVE-2026-25108 America CISA CVE Confirmation Disclosure Vulnerability

Bleeping Computer 7 months, 1 week ago

CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw

CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to its Known Exploited Vulnerabilities catalog. [...]

More from Bleeping Computer 22 Oct 2025, 8:15 a.m. Actively exploited CVE-2025-61884 CISA CVE Confirmation Flaw Oracle Vulnerability

The Hacker News 9 months, 1 week ago

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775

Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild

More from The Hacker News 27 Aug 2025, 5:29 a.m. Actively exploited CVE-2025-7775 CVE Citrix Confirmation DoS Flaw Patch Remote Code Execution Vulnerability

The Hacker News 9 months, 3 weeks ago

Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors

The Dutch National Cyber Security Centre (NCSC-NL) has warned of cyber attacks exploiting a recently disclosed critical security flaw impacting Citrix NetScaler ADC products to breach organizations in the country

More from The Hacker News 12 Aug 2025, 8:36 p.m. Actively exploited CVE-2025-6543 Breach CVE Citrix Confirmation Critical Disclosure Flaw Netherland

The Hacker News 1 year, 1 month ago

Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach

Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928 but emphasized there is no evidence of unauthorized data access

More from The Hacker News 1 May 2025, 8:11 p.m. Actively exploited CVE-2025-3928 0-Day Azure Backup Breach CVE Confirmation Microsoft Nation State Threat Actor

The Hacker News 1 year, 1 month ago

SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers

Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution. "The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue," ReliaQuest said in a report published this week

More from The Hacker News 25 Apr 2025, 10:41 p.m. CVE-2017-9844 0-Day CVE Confirmation Critical Disclosure Flaw Report Threat Actor Vulnerability

Dark Reading 1 year, 3 months ago

Cisco Confirms Salt Typhoon Exploitation in Telecom Hits

In addition to using CVE-2018-0171 and other Cisco bugs to break into telecom networks, the China-sponsored APT is also using using stolen login credentials for initial access.

More from Dark Reading 22 Feb 2025, 7:11 a.m. Actively exploited CVE-2018-0171 Advanced Persistent Threat CVE China Cisco Confirmation Credentials Initial Access Theft

The Hacker News 1 year, 3 months ago

Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies

More from The Hacker News 21 Feb 2025, 8:38 p.m. Actively exploited CVE-2018-0171 America CVE China Cisco Confirmation Credentials Flaw Threat Actor Victims

The Hacker News 1 year, 8 months ago

Google Confirms CVE-2024-32896 Exploited in the Wild, Releases Android Security Patch

Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild

More from The Hacker News 5 Sep 2024, 1:36 a.m. Actively exploited CVE-2024-32896 Android CVE Confirmation Flaw Framework Google NIST Patch Privilege Escalation Vulnerability

Latest cybersecurity reporting from selected sources.

Refine the feed

Volume over time

Fresh headlines available