Yasna | Cybersecurity news, filtered

The Hacker News 2 weeks, 1 day ago

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE)

More from The Hacker News 20 May 2026, 2:56 a.m. CVE-2026-31635 CVE Exploit Flaw Linux Patch PoC Privilege Escalation Vulnerability

Bleeping Computer 10 months, 3 weeks ago

Public exploits released for CitrixBleed 2 NetScaler flaw, patch now

Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session tokens. [...]

More from Bleeping Computer 8 Jul 2025, 10:57 a.m. Actively exploited CVE-2025-5777 CVE Citrix Critical Exploit Flaw Patch PoC Research Theft Vulnerability Warning

Bleeping Computer 1 year ago

Apache Parquet exploit tool detect servers vulnerable to critical flaw

A proof-of-concept exploit has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. [...]

More from Bleeping Computer 7 May 2025, 6:16 a.m. CVE-2025-30065 Apache CVE Critical Exploit Flaw PoC Tools Vulnerability

Bleeping Computer 1 year, 5 months ago

New critical Apache Struts flaw exploited to find vulnerable servers

A recently patched critical Apache Struts 2 vulnerability tracked as CVE-2024-53677 is actively exploited using public proof-of-concept exploits to find vulnerable devices. [...]

More from Bleeping Computer 18 Dec 2024, 7:04 a.m. CVE-2024-53677 Apache CVE Critical Exploit Flaw Patch PoC Vulnerability

Bleeping Computer 1 year, 8 months ago

Exploit code released for critical Ivanti RCE flaw, patch now

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. [...]

More from Bleeping Computer 17 Sep 2024, 7:08 a.m. CVE-2024-29847 CVE Critical Exploit Flaw Patch PoC Remote Code Execution Vulnerability

Bleeping Computer 1 year, 11 months ago

Exploit for critical Veeam auth bypass available, patch now

A proof-of-concept (PoC) exploit for a Veeam Backup Enterprise Manager authentication bypass flaw tracked as CVE-2024-29849 is now publicly available, making it urgent that admins apply the latest security updates. [...]

More from Bleeping Computer 11 Jun 2024, 3:05 a.m. CVE-2024-29849 Authentication Backup Bypass CVE Critical Exploit Flaw Patch PoC

Bleeping Computer 2 years, 4 months ago

45k Jenkins servers exposed to RCE attacks using public exploits

Researchers found roughly 45,000 Jenkins instances exposed online that are vulnerable to CVE-2023-23897, a critical remote code execution (RCE) flaw for which multiple public proof-of-concept (PoC) exploits are in circulation. [...]

More from Bleeping Computer 30 Jan 2024, 11:06 a.m. CVE-2023-23897 CVE Critical Exploit Exposure Flaw PoC Remote Code Execution Research Vulnerability

Bleeping Computer 2 years, 5 months ago

Hackers are exploiting critical Apache Struts flaw using public PoC

Hackers are attempting to leverage a recently fixed critical vulnerability (CVE-2023-50164) in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code. [...]

More from Bleeping Computer 14 Dec 2023, 5:19 a.m. CVE-2023-50164 Apache CVE Critical Exploit Fixed Flaw PoC Remote Code Execution Vulnerability

Dark Reading 2 years, 7 months ago

'Looney Tunables' Linux Flaw Sees Snowballing Proof-of-Concept Exploits

Following the publication of the critical Linux security vulnerability, security specialists released PoC exploits to test the implications of CVE-2023-4911.

More from Dark Reading 10 Oct 2023, 9:00 a.m. Actively exploited CVE-2023-4911 CVE Critical Exploit Flaw Linux PoC Vulnerability

Bleeping Computer 3 years, 3 months ago

Exploit released for critical Fortinet RCE flaw, patch now

Security researchers have released a proof-of-concept exploit for a critical-severity vulnerability (CVE-2022-39952) in Fortinet's FortiNAC network access control suite. [...]

More from Bleeping Computer 22 Feb 2023, 7:21 a.m. CVE-2022-39952 CVE Critical Exploit Flaw Fortinet Patch PoC Remote Code Execution Research Vulnerability

Bleeping Computer 3 years, 3 months ago

Exploit released for critical Fortinet RCE flaws, patch now

Security researchers have released a proof-of-concept exploit for a critical-severity vulnerability (CVE-2022-39952) in Fortinet's FortiNAC network access control suite. [...]

More from Bleeping Computer 22 Feb 2023, 7:21 a.m. CVE-2022-39952 CVE Critical Exploit Flaw Fortinet Patch PoC Remote Code Execution Research Vulnerability

Dark Reading 3 years, 4 months ago

Critical Cisco SMB Router Flaw Allows Authentication Bypass, PoC Available

Unpatched Cisco bugs, tracked as CVE-2023-20025 and CVE-2023-20026, allow lateral movement, data theft, and malware infestations.

More from Dark Reading 13 Jan 2023, 8:11 a.m. CVE-2023-20025 CVE-2023-20026 Authentication Bypass CVE Cisco Critical Flaw Lateral Movement Malware PoC Routers Theft

The Hacker News 4 years, 1 month ago

Researcher Releases PoC for Recent Java Cryptographic Vulnerability

A proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in question, CVE-2022-21449 (CVSS score: 7.5), impacts the following version of Java SE and Oracle GraalVM Enterprise Edition - Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18 Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1, 22.0.0.2

More from The Hacker News 22 Apr 2022, 11:43 p.m. CVE-2022-21449 Bypass CVE Disclosure Flaw Java Oracle PoC Vulnerability

Latest cybersecurity reporting from selected sources.

Refine the feed

Volume over time

Fresh headlines available