Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

24 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 24 Filtered view

An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible Marimo network using a recently disclosed vulnerability

More from The Hacker News 30 May 2026, 2:39 a.m. Incident · 4 stories Actively exploited CVE-2026-39987 CVE Cloud Compromise Credentials Disclosure Exploit Initial Access Threat Actor Vulnerability

The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026

More from The Hacker News 15 May 2026, 5:28 p.m. Incident · 7 stories Actively exploited CVE-2026-20182 America Authentication Bypass CISA CVE Cisco Critical Disclosure Exploit Vulnerability

Interlock's post-exploit toolkit exposed Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, according to Amazon security boss CJ Moses.…

More from The Register 19 Mar 2026, 6:40 a.m. Actively exploited CVE-2026-20131 0-Day Amazon CVE Cisco Disclosure Exploit Exposure Firewalls Flaw Patch Ransomware Vulnerability

Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software

More from The Hacker News 19 Mar 2026, 5:00 a.m. Actively exploited CVE-2026-20131 0-Day Amazon CVE Cisco Critical Disclosure Exploit Firewalls Flaw Java Ransomware Root Unauthenticated Vulnerability Warning

Underground Telegram channels shared SmarterMail exploit PoCs and stolen admin credentials within days of disclosure. Flare explains how monitoring these communities reveals rapid weaponization of CVE-2026-24423 and CVE-2026-23760 tied to ransomware activity. [...]

More from Bleeping Computer 19 Feb 2026, 5:27 a.m. Actively exploited CVE-2026-24423 CVE-2026-23760 CVE Credentials Disclosure Exploit Flaw Ransomware Theft

CrowdStrike on Monday said it's attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful Spider (aka Cl0p), and that the first known exploitation occurred on August 9, 2025

More from The Hacker News 7 Oct 2025, 6:12 p.m. Actively exploited CVE-2025-61882 CVE Critical Crowdstrike Disclosure Exploit Flaw Oracle Threat Actor Vulnerability

Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems using a now-patched vulnerability disclosed earlier this year

More from The Hacker News 12 Sep 2025, 11:50 p.m. CVE-2024-7344 Antivirus Bypass CVE Disclosure Exploit Firmware Malware Patch Ransomware Research Vulnerability

Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution.  The flaws, per watchTowr Labs, are listed below - CVE-2025-53693 - HTML cache poisoning through unsafe reflections CVE-2025-53691 - Remote code execution (RCE) through insecure deserialization CVE-2025-53694 -

More from The Hacker News 30 Aug 2025, 5:22 a.m. CVE-2025-53693 CVE-2025-53691 CVE-2025-53694 CVE Disclosure Exploit Flaw Remote Code Execution Research Vulnerability

A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, including a cryptocurrency miner, a loader dubbed Mimo Loader, and residential proxyware

More from The Hacker News 28 May 2025, 11:00 p.m. Actively exploited CVE-2025-32432 CVE Cryptocurrency Cryptominer Disclosure Exploit Flaw Patch Remote Code Execution Threat Actor Vulnerability

A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks

More from The Hacker News 14 May 2025, 3:13 a.m. Actively exploited CVE-2025-31324 Advanced Persistent Threat Breach CVE China Critical Critical Infrastructure Disclosure Exploit Flaw Nation State Remote Code Execution Unauthenticated Vulnerability
Bank Info Security 1 year, 1 month ago

Threat Actors Hacking SAP Critical Zero-Day

Unauthenticated Hackers Exploit CVE-2025-31324 to Upload WebshellsThreat actors are exploiting a zero-day flaw in a partially deprecated SAP tool still widely used by governments and businesses. On Friday, SAP's security division, Onapsis, disclosed that CVE-2025-31324 is "actively exploited in the wild."

More from Bank Info Security 29 Apr 2025, 8:00 a.m. Actively exploited CVE-2025-31324 0-Day CVE Critical Disclosure Exploit Flaw Hacking Threat Actor Tools Unauthenticated Widely Used