Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

6 headlines in this view

Showing 6 most recent headlines Filtered view

The Hacker News 4 months ago

APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit

More from The Hacker News 3 Feb 2026, 10:12 p.m. Actively exploited CVE-2026-21509 CVE Disclosure Flaw Hacking Malware Microsoft Microsoft Office Nation State Russia Threat Actor Ukraine Zscaler

The Hacker News 1 year, 2 months ago

Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp

The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp

More from The Hacker News 1 Apr 2025, 5:41 a.m. Actively exploited CVE-2025-26633 0-Day CVE Exploit Hacking Microsoft Patch Russia Threat Actor Vulnerability

Bleeping Computer 1 year, 8 months ago

Windows vulnerability abused braille “spaces” in zero-day attacks

A recently fixed "Windows MSHTML spoofing vulnerability" tracked under CVE-2024-43461 is now marked as previously exploited after it was used in attacks by the Void Banshee APT hacking group. [...]

More from Bleeping Computer 16 Sep 2024, 6:16 a.m. Actively exploited CVE-2024-43461 0-Day Advanced Persistent Threat CVE Fixed Hacking Microsoft Spoofing Vulnerability

Bleeping Computer 2 years, 7 months ago

North Korean hackers exploit critical TeamCity flaw to breach networks

Microsoft says that the North Korean Lazarus and Andariel hacking groups are exploiting the CVE-2023-42793 flaw in TeamCity servers to deploy backdoor malware, likely to conduct software supply chain attacks. [...]

More from Bleeping Computer 19 Oct 2023, 11:33 a.m. Actively exploited CVE-2023-42793 Backdoor Breach CVE Critical Exploit Flaw Hacking Malware Microsoft North Korea Supply Chain

Bleeping Computer 3 years, 2 months ago

Microsoft fixes Outlook zero-day used by Russian hackers since April 2022

Microsoft has patched an Outlook zero-day vulnerability (CVE-2023-23397) exploited by a hacking group linked to Russia's military intelligence service GRU to target European organizations. [...]

More from Bleeping Computer 15 Mar 2023, 8:11 a.m. Actively exploited CVE-2023-23397 0-Day CVE Critical Infrastructure Europe Hacking Microsoft Military Patch Russia Vulnerability

Bleeping Computer 3 years, 11 months ago

Russian hackers start targeting Ukraine with Follina exploits

Ukraine's Computer Emergency Response Team (CERT) is warning that the Russian hacking group Sandworm may be exploiting Follina, a remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool (MSDT) currently tracked as CVE-2022-30190. [...]

More from Bleeping Computer 14 Jun 2022, 2:28 a.m. Actively exploited CVE-2022-30190 CVE Exploit Hacking Microsoft Remote Code Execution Russia Sandworm Tools Ukraine Vulnerability Warning