Attackers target critical FortiSandbox flaws as CISA issues patch order
Command injection vulns land on exploited list after researchers spot abuse attempts
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Command injection vulns land on exploited list after researchers spot abuse attempts
Researchers dropped a reliable root exploit and it didn’t sit idle for long CISA is warning that a newly-disclosed Linux kernel bug dubbed "CopyFail" is already being exploited, just days after researchers dropped a working root-level exploit.…
PLUS: CISA issues drone warning; China-linked DNS-hijacking malware; Prison for BTC Samourai; And more Infosec In Brief Researchers have urged users of the glob file pattern matching library to update their installations, after discovery of a years-old remote code execution flaw in the tool's CLI.…
1 in 3 entries are used to extort civilians, says new paper Fresh research suggests attackers are actively monitoring databases of vulnerabilities that are known to be useful in carrying out ransomware attacks.…
More work to do as most deadlines are missed and worst bugs still take months to fix The deadlines associated with CISA's Known Exploited Vulnerabilities (KEV) catalog only apply to federal agencies, but fresh research shows they're having a positive impact on private organizations too.…
Nearly 60 holes found affecting 'more than 30,000' machines worldwide Fifty-six vulnerabilities – some deemed critical – have been found in industrial operational technology (OT) systems from ten global manufacturers including Honeywell, Ericsson, Motorola, and Siemens, putting more than 30,000 devices worldwide at risk, according to the US government's CISA and private security researchers. …
Plus: Fox News learns to use database passwords, Autodesk patches high-severity bugs, and CISA says retire old D-Link routers In brief Google pulled a slew of Android apps with more than 46 million downloads from its Google Play Store after security researchers notified the cloud giant that the code contained some sneaky data-harvesting code.…