Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company. [...]
Backdoor malware Auto-Color targets Linux systems, exploiting SAP NetWeaver flaw CVE-2025-31324
The recently uncovered 'Bootkitty' UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka 'LogoFAIL,' to infect computers running on a vulnerable UEFI firmware. [...]
Muhstik botnet exploits a critical Apache RocketMQ flaw (CVE-2023-33246) for remote code execution, targeting Linux servers and IoT devices for DDoS attacks and cryptocurrency mining
Identified as CVE-2023-46604, the vulnerability has a CVSS score of 9.8
The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems. [...]
We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner.
The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. [...]
Cybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware. [...]
Users of WSO2 products are advised to update their respective products and platforms or to apply the temporary mitigation steps immediately.