India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws
CERT-In urges 12-hour patching of exposed flaws as AI compresses exploitation timelines
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
CERT-In urges 12-hour patching of exposed flaws as AI compresses exploitation timelines
Ox Security claims as many as 200,000 servers are exposed by newly discovered MCP vulnerability
Two critical security flaws in n8n have exposed sandboxing vulnerabilities, enabling remote code execution for attackers
A critical AWS CodeBuild misconfiguration has exposed core repositories to potential attack
A flaw in JumpCloud Remote Assist for Windows has exposed managed endpoints to local privilege escalation and denial-of-service attacks
The flaw, dubbed ‘GeminiJack,’ exploits the trust boundary between user-controlled content in data sources and the AI model’s instruction processing
A flaw in the Slider Revolution plugin has exposed millions of WordPress sites to unauthorized file access
A critical Redis flaw, dubbed “RediShell,” has exposed 60,000 unprotected servers to exploitation
Critical flaw ForcedLeak in Salesforce's AgentForce allows CRM data theft via prompt injection
A vulnerability in Kigen eUICC cards has exposed billions of IoT devices via flawed eSIM profile management
Some 36% of Grafana instances are vulnerable to account takeover bug, putting DevOps teams at risk
A flaw in OneDrive File Picker has exposed millions to data overreach through excessive OAuth permissions
WK Kellogg breach exposed employee data after attackers exploited flaws in Cleo software
Cyber reports exposed major security flaws in DeepSeek’s R1 LLM
Microsoft MFA flaw exposed that allowed attackers to bypass security within an hour, putting 400m Office 365 accounts at risk
The donation websites of the UK’s seven major political parties are missing critical security features to protect the accounts of donors, according to DataDome
Cisco Talos researchers found a flaw in eight Microsoft apps for macOS that could enable library injection attacks, putting sensitive data at risk
The flaw enables attackers to gain control over the AI service by submitting harmful prompts
The flaws include CVE-2023-47610, a security weaknesses within the modem’s SUPL message handlers
Tracked as CVE-2024-23917, the flaw carries a CVSS rating of 9.8