Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 4 most recent headlines Filtered view
Bank Info Security 7 months, 2 weeks ago

Breach Roundup: React Flaw Incites Supply Chain Risk

Also, Microsoft Badly Patches LNK Flaw, Australian Sentenced for 'Evil Twin' HackThis week, the React flaw, a belated Windows fix, Defense Secretary Pete Hegseth's Signal group posed operational risk, more North Korean npm packages. An Australian jailed for Wi-Fi "evil twin" crimes. The US FTC will send $15.3 million to Avast users. A London council said attackers stole data.

Researchers in Proof of Concept Show Exploit Potential for Widely Used SoftwareTechnical details for a recently patched maximum-severity vulnerability in Cisco IOS XE reveal how hackers can enable remote code execution if the flaw is exploited. The vulnerability is an arbitrary file upload triggered by a hardcoded JSON Web Token.

Bank Info Security 1 year, 7 months ago

Warning: Patch Advantech Industrial Wireless Access Points

Researchers Discover 20 Critical Flaws Attackers Could Exploit in a Variety of WaysResearchers identified 20 critical vulnerabilities in a type of Advantech industrial-grade wireless access point that's widely deployed across critical infrastructure environments. Attackers could exploit the flaws to remotely executive code and create denials of service.

Bank Info Security 2 years, 3 months ago

Exploited TP-Link Vulnerability Spawns Botnet Threats

Attackers Exploit Old Flaw, Hijack TP-Link Archer RoutersHalf a dozen different botnets are prowling the internet for TP-Link-brand Wi-Fi routers unpatched since last summer with the goal of commandeering them into joining distributed denial-of-service attacks. Chinese router manufacture TP-Link in June patched a command injection vulnerability.