Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

3 headlines in this view

Showing 3 most recent headlines Filtered view

Bleeping Computer 2 years, 9 months ago

Hackers use public ManageEngine exploit to breach internet org

The North Korean state-backed hacker group tracked as Lazarus has been exploiting a critical vulnerability (CVE-2022-47966) in Zoho's ManageEngine ServiceDesk to compromise an internet backbone infrastructure provider and healthcare organizations. [...]

More from Bleeping Computer 25 Aug 2023, 12:31 a.m. Actively exploited CVE-2022-47966 Breach CVE Compromise Critical Critical Infrastructure Exploit Healthcare North Korea Vulnerability

Bleeping Computer 2 years, 9 months ago

Over 3,000 Openfire servers vulnerable to takover attacks

Thousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited and path traversal vulnerability that allows an unauthenticated user to create new admin accounts. [...]

More from Bleeping Computer 24 Aug 2023, 7:36 a.m. Actively exploited CVE-2023-32315 CVE Unauthenticated Vulnerability

Bleeping Computer 2 years, 9 months ago

WinRAR zero-day exploited since April to hack trading accounts

A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency trading accounts. [...]

More from Bleeping Computer 24 Aug 2023, 1:53 a.m. Actively exploited CVE-2023-38831 0-Day Breach CVE Cryptocurrency Hacking Malware Vulnerability

Latest cybersecurity reporting from selected sources.

Refine the feed

Fresh headlines available

Hackers use public ManageEngine exploit to breach internet org

Over 3,000 Openfire servers vulnerable to takover attacks

WinRAR zero-day exploited since April to hack trading accounts