Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

6 headlines in this view

Showing 6 most recent headlines Filtered view

The Hacker News 1 year ago

Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell

A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver

More from The Hacker News 9 May 2025, 4:29 p.m. Actively exploited CVE-2025-31324 CVE China Critical Disclosure Exploit Flaw Hacking Remote Code Execution Report Threat Actor

The Hacker News 1 year ago

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system

More from The Hacker News 8 May 2025, 4:57 p.m. CVE-2025-20188 Apple CVE Cisco Exploit Flaw Patch Root Unauthenticated Vulnerability Wireless

The Hacker News 1 year ago

Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization

Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as part of an attack targeting an unnamed organization in the United States

More from The Hacker News 7 May 2025, 10:44 p.m. Actively exploited CVE-2025-29824 0-Day America Antivirus Breach CVE Flaw Microsoft Patch Privilege Escalation Ransomware Symantec Threat Actor

Dark Reading 1 year ago

Researcher Says Patched Commvault Bug Still Exploitable

CISA added CVE-2025-34028 to its catalog of known exploited vulnerabilities, citing active attacks in the wild.

More from Dark Reading 7 May 2025, 9:24 a.m. Actively exploited CVE-2025-34028 CISA CVE Patch Vulnerability

Bleeping Computer 1 year ago

Apache Parquet exploit tool detect servers vulnerable to critical flaw

A proof-of-concept exploit has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. [...]

More from Bleeping Computer 7 May 2025, 6:16 a.m. CVE-2025-30065 Apache CVE Critical Exploit Flaw PoC Tools Vulnerability

The Hacker News 1 year ago

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a maximum-severity security flaw impacting Commvault Command Center to its Known Exploited Vulnerabilities (KEV) catalog, a little over a week after it was publicly disclosed

More from The Hacker News 6 May 2025, 4:01 a.m. Actively exploited CVE-2025-34028 America CISA CVE Disclosure Flaw Vulnerability

Latest cybersecurity reporting from selected sources.

Refine the feed

Fresh headlines available

Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization

Researcher Says Patched Commvault Bug Still Exploitable

Apache Parquet exploit tool detect servers vulnerable to critical flaw

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed