U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiSandbox and Microsoft SharePoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet FortiSandbox and Microsoft SharePoint flaws to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft’s July 2026 Patch Tuesday addressed the SharePoint remote code execution bug […]
Latest cybersecurity reporting from selected sources.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Refine the feed
Search across headline titles and summaries.
Volume over time
Weekly headline count for the current query.
CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly patched security flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by July 19, 2026
Zoom Patches Critical Windows Flaw That Could Enable Account Takeover
Zoom has released security updates for a critical security flaw impacting Zoom Workplace for Windows that could facilitate account takeover
Microsoft Patches a Record 570 Security Flaws
Microsoft Corp. today released software updates to plug at least 570 security holes in its Windows operating systems and other software, almost triple the number of vulnerabilities the software giant fixed in its record-smashing Patch Tuesday release last month. Microsoft attributed the burgeoning patch counts to vulnerability discoveries aided by artificial intelligence.
Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days
Today is Microsoft's July 2026 Patch Tuesday, and with it comes security updates for a record-breaking 570 flaws, including two zero-day vulnerabilities exploited in attacks and one publicly disclosed. [...]
Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges
Microsoft has released security updates for a Defender vulnerability known as RoguePlanet, nearly a month after details of the flaw became public
Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development
Microsoft confirmed the RoguePlanet Defender zero-day (CVE-2026-50656), a privilege escalation flaw, and is developing a security patch. Microsoft has acknowledged the RoguePlanet zero-day affecting Microsoft Defender, tracked as CVE-2026-50656 (CVSS score of 7.8). The vulnerability allows privilege escalation through the Microsoft Malware Protection Engine. The company stated it is aware of the issue and is […]
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development
Microsoft has formally disclosed that it's working to release a patch to address a Defender zero-day codenamed RoguePlanet
Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs
Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three flaws that have been publicly disclosed at the time of release
Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws
Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day vulnerabilities and one actively exploited in attacks. [...]
Microsoft June 2026 Patch Tuesday fixes 3 zero-day, 200 flaws
Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws and five publicly disclosed zero-day vulnerabilities. [...]
Critical Windows Netlogon RCE flaw now exploited in attacks
The Centre for Cybersecurity Belgium (CCB), the country's national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recently patched critical Windows Netlogon vulnerability in attacks. [...]
Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.
A critical vulnerability, tracked as CVE-2026-45659, in Microsoft SharePoint can allow attackers to achieve remote code execution with little effort. Microsoft released security updates to patch a high-severity SharePoint vulnerability, tracked as CVE-2026-45659 (CVSS score of 8.8), that could allow remote code execution. The flaw does not require complex conditions for exploitation, making it a […]
Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions
Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring any specialized conditions to be met
U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-9082 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Drupal issued a highly critical security patch on May […]
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw that grants attackers SYSTEM privileges on fully patched Windows systems
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by some customers as part of a limited private preview
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack
Microsoft Fixes 17 Critical Flaws in May Patch Tuesday
Microsoft has patched 120 vulnerabilities in this month’s security update round
Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack
Second try's a charm? Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are exploiting a zero-click Windows flaw that can expose sensitive information on vulnerable systems.…