Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 11 most recent headlines Filtered view

Rapid7 details a critical unauthenticated overflow in HP Poly VoIP phones that can lead to root RCE, with patches available for affected models. Rapid7’s latest disclosure on CVE-2026-0826 should get serious attention from anyone running HP Poly VoIP phones in an enterprise setting. It’s a critical unauthenticated stack-based buffer overflow that can give a remote […]

More from Security Affairs 3 Jun 2026, 5:03 p.m. CVE-2026-0826 CVE Critical Disclosure Patch Remote Code Execution Root Unauthenticated VoIP

Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software

More from The Hacker News 19 Mar 2026, 5:00 a.m. Actively exploited CVE-2026-20131 0-Day Amazon CVE Cisco Critical Disclosure Exploit Firewalls Flaw Java Ransomware Root Unauthenticated Vulnerability Warning

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges

More from The Hacker News 19 Mar 2026, 1:30 a.m. CVE-2026-32746 CVE Critical Disclosure Flaw Remote Code Execution Research Root Unauthenticated Vulnerability

A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild as part of malicious activity that dates back to 2023

More from The Hacker News 26 Feb 2026, 7:13 p.m. Actively exploited CVE-2026-20127 0-Day Authentication Bypass CVE Cisco Disclosure Flaw Unauthenticated Vulnerability

A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks

More from The Hacker News 14 May 2025, 3:13 a.m. Actively exploited CVE-2025-31324 Advanced Persistent Threat Breach CVE China Critical Critical Infrastructure Disclosure Exploit Flaw Nation State Remote Code Execution Unauthenticated Vulnerability
Bank Info Security 1 year, 1 month ago

Threat Actors Hacking SAP Critical Zero-Day

Unauthenticated Hackers Exploit CVE-2025-31324 to Upload WebshellsThreat actors are exploiting a zero-day flaw in a partially deprecated SAP tool still widely used by governments and businesses. On Friday, SAP's security division, Onapsis, disclosed that CVE-2025-31324 is "actively exploited in the wild."

More from Bank Info Security 29 Apr 2025, 8:00 a.m. Actively exploited CVE-2025-31324 0-Day CVE Critical Disclosure Exploit Flaw Hacking Threat Actor Tools Unauthenticated Widely Used