Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

45 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 45 Filtered view

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-9082 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Drupal issued a highly critical security patch on May […]

Bank Info Security 8 months, 2 weeks ago

CISA Issues Guidance to Curb Microsoft Exchange Exploits

US Cyber Defense Agency Releases Best Practices to Harden Exchange EnvironmentsU.S. cyber defense officials and their international partners issued a new blueprint for mitigating Microsoft Exchange vulnerabilities on Thursday as governments worldwide continue to grapple with persistent intrusion campaigns targeting on-premises Microsoft Exchange servers in hybrid environments.

But we mean, you've had nearly four years to patch One of the critical security flaws exploited by China's Salt Typhoon to breach US telecom and government networks has had a patch available for nearly four years - yet despite repeated warnings from law enforcement and private-sector security firms, nearly all public-facing Microsoft Exchange Server instances with this vulnerability remain unpatched.…

The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region

Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates

Loading more headlines...