Hackers exploit Roundcube flaw to spy on academic researchers
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal credentials and deploy backdoor malware. [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal credentials and deploy backdoor malware. [...]
A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments
Security, trust, and stability — once the pillars of our digital world — are now the tools attackers turn against us. From stolen accounts to fake job offers, cybercriminals keep finding new ways to exploit both system flaws and human behavior
From unpatched cars to hijacked clouds, this week’s Threatsday headlines remind us of one thing — no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome’s settings to sneak in malicious extensions
Malware isn’t just trying to hide anymore—it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build themselves out of AI-written snippets. It’s not just about being malicious—it’s about being believable.
Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company in April 2025
Backdoor malware Auto-Color targets Linux systems, exploiting SAP NetWeaver flaw CVE-2025-31324
Hardcoded passwords and path traversals keeping bug hunters in work Security researchers have issued a warning about a pre-authentication exploit chain affecting a CMS used by some of the biggest companies in the world.…
PLUS: Chinese robodogs include backdoor; OpenAI helps spammer; A Dutch data disaster; And more! Infosec In Brief Fortinet last week admitted that attackers have found new ways to exploit three flaws it thought it had fixed last year.…
Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network
Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. [...]
The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems
The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected devices
The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region
A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a bespoke backdoor dubbed SpyGlace
Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites
Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. [...]
Cisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a malicious Lua-based implant on susceptible devices
Microsoft says that the North Korean Lazarus and Andariel hacking groups are exploiting the CVE-2023-42793 flaw in TeamCity servers to deploy backdoor malware, likely to conduct software supply chain attacks. [...]
An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve unauthorized code execution on affected servers