Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

131 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 131 Filtered view

Public exploits are now available for two critical WordPress flaws that attackers can chain to gain remote code execution without authentication. Public proof-of-concept exploits are now available for the critical wp2shell vulnerabilities affecting WordPress Core. The flaws, tracked as CVE-2026-63030 and CVE-2026-60137, can be chained to achieve pre-authentication remote code execution on default WordPress installations […]

Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs

Cisco patched a critical Unified CM flaw with public PoC code that allows unauthenticated attackers to launch SSRF attacks remotely. Cisco has addressed a high-severity vulnerability, tracked as CVE-2026-20230, affecting Unified CM and Unified CM SME. The flaw, caused by improper validation of certain HTTP requests, allows a remote attacker without authentication to perform server-side […]

Cisco Fixes ISE Bug; HPE OneView Under Fire; Exploit Code Drops for n8n FlawThe new year is off to a fresh start on the vulnerability and exploit alert front: Cisco has patched a critical Identity Services Engine; cybersecurity officials warn that an HPE OneView vulnerability is being actively exploited; and proof-of-concept exploits drop for n8n automation software.

Loading more headlines...