Cisco Vulnerability Exploited Months Before Disclosure, Google Warns
A high-severity flaw in Cisco Catalyst SD-WAN Manager disclosed in early June was exploited as early as March
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A high-severity flaw in Cisco Catalyst SD-WAN Manager disclosed in early June was exploited as early as March
March Patch Tuesday sees Microsoft release updates for 79 flaws
Flashpoint warns of a dramatic drop in the average time between vulnerability disclosure and exploitation
VulnCheck analysts found that vulnerabilities exploited before being publicly disclosed rose from 23.6% in 2024 to 28.96% in 2025
A critical RCE flaw in React.js, dubbed React2Shell (CVE-2025-55182), has been disclosed with a maximum CVSS score of 10.0, posing severe risks for server-side implementations
Flaws in Windows Graphics Device Interface (GDI) have been identified that allow remote code execution and information disclosure
Two local information disclosure flaws in Linux crash-reporting tools have been identified exposing system data to attackers
Mandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead to remote code execution
A critical authentication bypass flaw in CrushFTP is under active exploitation following a mishandled disclosure process
Discovered by Microsoft and dubbed "Migraine," the flaw was disclosed to Apple and patched
Information disclosure vulnerability aCropalypse could enable malicious actors to recover sections of screenshots
The disclosed flaws occurred when handling malicious TPM 2.0 commands with encrypted parameters
The newly added vulnerabilities span six years, with the oldest disclosed in 2016
Social app patches medium-severity flaws after responsible disclosure