Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 3 most recent headlines Filtered view
Bleeping Computer 3 years, 3 months ago

CISA warns of hackers exploiting ZK Java Framework RCE flaw

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added CVE-2022-36537 to its "Known Exploited Vulnerabilities Catalog" after threat actors began actively exploiting the remote code execution (RCE) flaw in attacks. [...]

More from Bleeping Computer 1 Mar 2023, 10:37 a.m. Actively exploited CVE-2022-36537 America CISA CVE Flaw Framework Java Remote Code Execution Threat Actor Vulnerability Warning

A pre-authenticated remote code execution vulnerability has been disclosed in dotCMS, an open-source content management system written in Java and "used by over 10,000 clients in over 70 countries around the globe, from Fortune 500 brands and mid-sized businesses." The critical flaw, tracked as CVE-2022-26352, stems from a directory traversal attack when performing file uploads, enabling an

More from The Hacker News 5 May 2022, 12:05 a.m. Actively exploited CVE-2022-26352 CVE Critical Disclosure Flaw Java Remote Code Execution Vulnerability