Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

20 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines Filtered view

Hackers exploit CVE-2026-3300 in Everest Forms Pro to inject PHP via form fields, creating rogue admin accounts. 29,300 attempts blocked. Researcher h0xilo submitted a flaw in Everest Forms Pro for WordPress, tracked as CVE-2026-3300, to Wordfence’s bug bounty program and earned $325 for it. WPEverest patched the flaw on March 18. Wordfence published a full […]

Bank Info Security 8 months, 1 week ago

Cryptohack Roundup: Europol Busts 600M Euro Fraud Network

Also: SBF Appeals Conviction, PHP Exploits Fuel CryptominingEvery week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, Europol's 600 million euro fraud network bust, Sam Bankman-Fried conviction appeal, PHP exploits fueled cryptomining campaigns and sentencing set for Samourai Wallet founders.

Bank Info Security 1 year, 5 months ago

Attackers Exploit Palo Alto Zero-Day Authentication Bypass

Surge in Attack Attempts Spotted After Palo Alto Networks Details and Patches FlawAttackers have stepped up efforts to exploit a vulnerability in the software that runs Palo Alto Networks firewall appliances that could give them direct access to the underlying software. Unauthenticated hackers could use PHP scripts to bypass the PAN-OS management web interface.

Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577). [...]

Bank Info Security 2 years, 1 month ago

Ransomware Gang TellYouThePass Exploits PHP Vulnerability

Flaw Allows Unauthenticated Attackers to Execute Arbitrary CodeA ransomware operation with a history of exploiting widespread internet vulnerabilities lost little time in making use of a critical severity vulnerability in scripting language PHP. The TellYouThePass ransomware group sees opportunity whenever system administrators must scramble to patch systems.

Bank Info Security 2 years, 1 month ago

Critical PHP Vulnerability Threatens Windows Servers

Remote Code Execution Exploit Found; Patch Now AvailableA critical remote code execution vulnerability in PHP for Windows, affecting all releases since version 5.x, requires immediate action from server administrators. The flaw enables attackers to execute arbitrary code on remote PHP servers through an argument injection attack.