Yasna | Cybersecurity news, filtered

The Hacker News 1 week, 4 days ago

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild

More from The Hacker News 23 May 2026, 7:35 p.m. Actively exploited CVE-2026-48172 Abuse CVE Compromise Flaw Root Vulnerability

Bleeping Computer 2 weeks, 6 days ago

New Fragnesia Linux flaw lets attackers gain root privileges

Linux distros are rolling out patches for a new high-severity kernel privilege escalation vulnerability (known as Fragnasia and tracked as CVE-2026-46300) that allows attackers to run malicious code as root. [...]

More from Bleeping Computer 14 May 2026, 7:34 p.m. Incident · 9 stories CVE-2026-46300 CVE Flaw Linux Malicious Code Patch Privilege Escalation Root Vulnerability

The Hacker News 1 month ago

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild

More from The Hacker News 3 May 2026, 6:26 p.m. Incident · 7 stories Actively exploited CVE-2026-31431 America CISA CVE Disclosure Flaw Linux Privilege Escalation Root Vulnerability

The Hacker News 2 months, 2 weeks ago

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software

More from The Hacker News 19 Mar 2026, 5:00 a.m. Actively exploited CVE-2026-20131 0-Day Amazon CVE Cisco Critical Disclosure Exploit Firewalls Flaw Java Ransomware Root Unauthenticated Vulnerability Warning

The Hacker News 2 months, 2 weeks ago

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges

More from The Hacker News 19 Mar 2026, 1:30 a.m. CVE-2026-32746 CVE Critical Disclosure Flaw Remote Code Execution Research Root Unauthenticated Vulnerability

Bleeping Computer 8 months ago

CISA warns of critical Linux Sudo flaw exploited in attacks

Hackers are actively exploiting a critical vulnerability (CVE-2025-32463) in the sudo package that enables the execution of commands with root-level privileges on Linux operating systems. [...]

More from Bleeping Computer 1 Oct 2025, 2:42 a.m. Actively exploited CVE-2025-32463 CISA CVE Critical Flaw Linux Root Vulnerability Warning

Bleeping Computer 10 months, 2 weeks ago

Max severity Cisco ISE bug allows pre-auth command execution, patch now

A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices. [...]

More from Bleeping Computer 18 Jul 2025, 3:53 a.m. Actively exploited CVE-2025-20337 CVE Cisco Critical Patch Root Unauthenticated Vulnerability

The Hacker News 1 year ago

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system

More from The Hacker News 8 May 2025, 4:57 p.m. CVE-2025-20188 Apple CVE Cisco Exploit Flaw Patch Root Unauthenticated Vulnerability Wireless

The Hacker News 1 year, 4 months ago

Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation

Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to bypass the operating system's System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions

More from The Hacker News 15 Jan 2025, 5:53 a.m. CVE-2024-44243 Apple Bypass CVE Flaw Microsoft Patch Root Rootkit Vulnerability macOS

Dark Reading 2 years, 4 months ago

Critical Cisco Unified Communications RCE Bug Allows Root Access

The vulnerability, tracked as CVE-2024-20253, makes enterprise communications infrastructure and customer service call centers sitting ducks for unauthenticated cyberattackers.

More from Dark Reading 26 Jan 2024, 6:46 a.m. CVE-2024-20253 CVE Cisco Critical Remote Code Execution Root Unauthenticated Vulnerability

Bleeping Computer 2 years, 6 months ago

Hackers exploit Looney Tunables Linux bug, steal cloud creds

The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. [...]

More from Bleeping Computer 7 Nov 2023, 9:26 a.m. Actively exploited CVE-2023-4911 CVE Cloud Exploit Linux Malware Root Theft Vulnerability

Trend Micro Research, News and Perspectives 4 years, 2 months ago

MacOS SUHelper Root Privilege Escalation Vulnerability: A Deep Dive Into CVE-2022-22639

We discovered a now-patched vulnerability in macOS SUHelper, designated as CVE-2022-22639. If exploited, the vulnerability could allow malicious actors to gain root privilege escalation.

More from Trend Micro Research, News and Perspectives 4 Apr 2022, 12:00 p.m. CVE-2022-22639 CVE Patch Privilege Escalation Root Vulnerability macOS

Latest cybersecurity reporting from selected sources.

Refine the feed

Volume over time

Fresh headlines available