Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

6 headlines in this view

Showing 6 most recent headlines Filtered view

The Hacker News 9 months ago

Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution

Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution. The flaws, per watchTowr Labs, are listed below - CVE-2025-53693 - HTML cache poisoning through unsafe reflections CVE-2025-53691 - Remote code execution (RCE) through insecure deserialization CVE-2025-53694 -

More from The Hacker News 30 Aug 2025, 5:22 a.m. CVE-2025-53693 CVE-2025-53691 CVE-2025-53694 CVE Disclosure Exploit Flaw Remote Code Execution Research Vulnerability

Bleeping Computer 9 months, 1 week ago

Over 28,000 Citrix devices vulnerable to new exploited RCE flaw

More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 that is already being exploited in the wild. [...]

More from Bleeping Computer 28 Aug 2025, 4:48 a.m. Actively exploited CVE-2025-7775 CVE Citrix Critical Flaw Remote Code Execution Vulnerability

Bleeping Computer 9 months, 1 week ago

Citrix fixes critical NetScaler RCE flaw exploited in zero-day attacks

Citrix fixed three NetScaler ADC and NetScaler Gateway flaws today, including a critical remote code execution flaw tracked as CVE-2025-7775 that was actively exploited in attacks as a zero-day vulnerability. [...]

More from Bleeping Computer 27 Aug 2025, 9:37 a.m. Actively exploited CVE-2025-7775 0-Day CVE Citrix Critical Fixed Flaw Remote Code Execution Vulnerability

Bank Info Security 9 months, 1 week ago

Citrix NetScaler Devices Yet Again Under Attack

Citrix Publishes Patches After Attackers Exploit Memory Overflow VulnerabilityNetScaler customers of virtualization giant Citrix once again should patch immediately to stymie the hackers exploiting a zero-day. Citrix warned Tuesday that hackers are using a memory overflow vulnerability now tracked as CVE-2025-7775. The vulnerability carries a CVSS score of 9.2.

More from Bank Info Security 27 Aug 2025, 8:30 a.m. Actively exploited CVE-2025-7775 0-Day CVE Citrix Exploit Patch Vulnerability

The Hacker News 9 months, 1 week ago

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775

Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild

More from The Hacker News 27 Aug 2025, 5:29 a.m. Actively exploited CVE-2025-7775 CVE Citrix Confirmation DoS Flaw Patch Remote Code Execution Vulnerability

The Hacker News 9 months, 1 week ago

Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3

Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows and macOS that could potentially allow an attacker to break out of the confines of a container

More from The Hacker News 26 Aug 2025, 5:53 a.m. CVE-2025-9074 CVE Critical Docker Flaw Microsoft Virtualisation Vulnerability macOS