Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

65 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 65 Filtered view
Bank Info Security 2 days, 22 hours ago

Researcher Drops 9th Windows Zero-Day

LegacyHive Is a Local Privilege Escalation BugThe vulnerability hunter in a feud with Microsoft released yet another Windows zero-day Tuesday as promised, though the touted "bone-shattering" disclosure was stripped down to prevent public exploitation. LegacyHive, exploits a profile-loading race condition to access another user's registry hive.

A researcher publicly released a VS Code exploit within hours, citing past disputes with Microsoft over bug handling. The security researcher Ammar Askar found a new serious zero-day in Visual Studio Code, told a contact at GitHub about it, and published a working exploit one hour later. “Just by clicking a link, it’s possible for […]

Bank Info Security 1 month, 2 weeks ago

Microsoft Threatens Legal Action Over Zero-Day Leaks

Security Researchers Fear Broader Legal Pressure on Bug DisclosuresMicrosoft is pursuing legal action after a researcher publicly released six Windows zero-days and exploit code following a breakdown in coordinated disclosure talks, escalating tensions over vulnerability disclosure, platform moderation and protections for independent security researchers.

Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw that grants attackers SYSTEM privileges on fully patched Windows systems

Krebs on Security 3 months ago

Patch Tuesday, April 2026 Edition

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution.

The vendor disclosed one actively exploited zero-day vulnerability in Microsoft Office SharePoint that allows attackers to view information and make changes to disclosed information. The post Microsoft drops its second-largest monthly batch of defects on record appeared first on CyberScoop.

A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai

Loading more headlines...