Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

25 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 25 Filtered view
Bank Info Security 5 months, 2 weeks ago

Fortinet Locks Down FortiCloud SSO Amid Zero-Day Attacks

Mitigation: SSO Access Restricted After Attackers Compromised Fully Patched DevicesNetwork security giant Fortinet locked out cloud customers from its single sign-on service until they update device firmware with a patch against active attacks exploiting an improper access control zero day. Only Fortinet devices running the latest, patched firmware versions can use Fortinet SSO.

Bank Info Security 5 months, 3 weeks ago

Zero-Day Flaw in Cisco Unified Communications Being Targeted

Vendor Ships Emergency Fixes, Warning Flaw Facilitates Full System CompromiseAttackers are targeting a zero-day vulnerability in Cisco's Unified Communications and Webex products that facilitates remote code execution and root-level access to the underlying operating system, risking full system compromise. Cisco has released patches, warning that no workarounds exist.

Bank Info Security 9 months, 2 weeks ago

Oracle Sees No Zero-Day Exploits Tied to Customer Extortion

Data-Grabbing Attacks Appear to Compromise Organizations Without July Patch UpdateOracle has confirmed reports that its customers are being targeted by data-stealing extortionists. Experts said attackers appear to be exploiting E-Business Suite customers who haven't yet installed patches released by Oracle in July to fix critical, remotely exploitable vulnerabilities.

Krebs on Security 11 months, 3 weeks ago

Microsoft Fix Targets Attacks on SharePoint Zero-Day

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the Sharepoint flaw to breach U.S. federal and state agencies, universities, and energy companies.

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" attacks. [...]

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide. [...]

Loading more headlines...