Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Showing 4 most recent headlines Filtered view
Bank Info Security 1 year, 2 months ago

Critical Kubernetes Controller Flaws: 4,000 IPs Exposed

Patch Urgency Increases as Code to Exploit CVE-2025-1974 Vulnerability PublishedScans reveal that thousands of Kubernetes clusters' Ingress Nginx Controller software remain internet-exposed, which experts said is bad practice. More importantly, the software needs updating to fix a critical vulnerability that can be remotely exploited to seize complete control of a cluster.

More from Bank Info Security 29 Mar 2025, 7:30 a.m. CVE-2025-1974 CVE Critical Exploit Exposure Flaw Kubernetes Patch Vulnerability
Trend Micro Research, News and Perspectives 1 year, 2 months ago

A Deep Dive into Water Gamayun’s Arsenal and Infrastructure

Trend Research discusses the delivery methods, custom payloads, and techniques used by Water Gamayun, the suspected Russian threat actor abusing a zero-day vulnerability in the Microsoft Management Console framework (CVE-2025-26633) to execute malicious code on infected machines.

More from Trend Micro Research, News and Perspectives 28 Mar 2025, 1:00 p.m. Actively exploited CVE-2025-26633 0-Day CVE Framework Infection Malicious Code Microsoft Research Russia Threat Actor Vulnerability

Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that it said has been exploited in the wild as part of attacks targeting organizations in Russia.  The vulnerability, tracked as CVE-2025-2783, has been described as a case of "incorrect handle provided in unspecified circumstances in Mojo on Windows." Mojo refers to a

More from The Hacker News 26 Mar 2025, 5:56 p.m. Actively exploited CVE-2025-2783 0-Day CVE Chrome Exploit Flaw Google Microsoft Patch Russia Vulnerability
Trend Micro Research, News and Perspectives 1 year, 2 months ago

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin

Trend Research identified Russian threat actor Water Gamayun exploiting CVE-2025-26633, a zero-day vulnerability in the Microsoft Management Console that attackers exploit to execute malicious code and exfiltrate data.

More from Trend Micro Research, News and Perspectives 25 Mar 2025, 1:00 p.m. Actively exploited CVE-2025-26633 0-Day CVE Exploit Malicious Code Microsoft Research Russia Threat Actor Vulnerability