Cisco Vulnerability Exploited Months Before Disclosure, Google Warns
A high-severity flaw in Cisco Catalyst SD-WAN Manager disclosed in early June was exploited as early as March
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A high-severity flaw in Cisco Catalyst SD-WAN Manager disclosed in early June was exploited as early as March
Palo Alto Networks has revealed that it has observed "active exploitation" of a recently disclosed PAN-OS vulnerability by an unknown threat actor to obtain unauthorized access to GlobalProtect portals
Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild
Drupal has announced a "core security release" scheduled for later today, warning that threat actors might develop exploits within hours of the update disclosure. [...]
Škoda Auto, a wholly owned subsidiary of the Volkswagen Group, has disclosed a data breach after attackers hacked its online shop and stole the personal information of an undisclosed number of customers. [...]
Researchers dropped a reliable root exploit and it didn’t sit idle for long CISA is warning that a newly-disclosed Linux kernel bug dubbed "CopyFail" is already being exploited, just days after researchers dropped a working root-level exploit.…
Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems
Researchers say attackers are already looting vulnerable boxes In-the-wild exploitation of a critical Citrix NetScaler bug has begun less than a week after disclosure, with researchers warning that attackers are already poking and pillaging vulnerable boxes.…
Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software
American manufacturer of medical devices, UFP Technologies, has disclosed that a cybersecurity incident has compromised its IT systems and data. [...]
Flashpoint warns of a dramatic drop in the average time between vulnerability disclosure and exploitation
Curious port filtering and traffic patterns suggest advisories weren’t the earliest warning signals sent Telcos likely received advance warning about January's critical Telnet vulnerability before its public disclosure, according to threat intelligence biz GreyNoise.…
Ukraine’s CERT says the bug went from disclosure to active exploitation in days Russia-linked attackers are already exploiting Microsoft's latest Office zero-day, with Ukraine's national cyber defense team warning that the same bug is being used to target government agencies inside the country and organizations across the EU.…
Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that were exploited in zero-day attacks. [...]
Also, CIRO Phishing Breach, Ingram Micro Ransomware and CVE SurgeThis week, DOGE posted sensitive data on an outside server. A phishing attack affected 750,000 Canadians. A hacktivism warning from the U.K. NCSC. An Ingram Micro breach. CVEs surged in 2025. SK Telecom challenged a fine. Researchers disclosed Chainlit flaws. North Korean hackers abused VS Code.
A security vulnerability has been disclosed in the popular binary-parser npm library that, if successfully exploited, could result in the execution of arbitrary JavaScript
IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application
American IT software company Ivanti warned customers today to patch a newly disclosed vulnerability in its Endpoint Manager (EPM) solution that could allow attackers to execute code remotely. [...]
State-backed attackers started poking flaw as soon as it dropped – anyone still unpatched is on borrowed time Amazon has warned that China-nexus hacking crews began hammering the critical React "React2Shell" vulnerability within hours of disclosure, turning a theoretical CVSS-10 hole into a live-fire incident almost immediately.…
Rapid7's Christiaan Beek on Ransomware Tactics and How to Mitigate Attacks in 2026Ransomware attacks are reaching record highs, and 2026 may be even worse, said Christiaan Beek, senior director of threat intel and analytics at Rapid7. He warns that hackers are exploiting vulnerabilities as soon as they're disclosed, and they're focusing on flaws in devices on the network edge.