Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 4 most recent headlines Filtered view

Unpatched Flaw in Open-Source Gogs Service Facilitates Remote Code ExecutionAn attacker has been exploiting a zero-day vulnerability in Gogs, an open-source and popular Git service that allows for self-hosting, warned researchers. At least 700 internet-exposed servers running Gogs shows signs of being infected with command-and-control malware; no patch is yet available.

Bank Info Security 1 year, 1 month ago

Mirai Botnets Exploit Flaw in Unpatched Wazuh Servers

Modular Mirai Malware Code Strikes AgainNo fewer than two separate Mirai botnets are on the hunt for unpatched servers hosting open source SIEM solution Wazuh, an unusual variation of hackers' typical focus on Internet of Things devices for stringing together infected computers. Akamai dates the first campaign to March, the other to May.

Bank Info Security 1 year, 5 months ago

New Mirai Variant Targets Flaws in Cameras and Routers

Murdoc Botnet Uses Over 100 Distinct C2 Servers to Manage Infected DevicesA new variant of the Mirai malware is exploiting vulnerabilities in cameras and routers to infiltrate devices, download payloads and integrate them into an expanding botnet. Qualys tracked over 1,300 active internet protocol addresses linked to the Murdoc Botnet since its emergence in July 2024.

Bank Info Security 2 years, 5 months ago

FritzFrog Botnet Exploits Log4Shell

Botnet Looks for Vulnerable Internal Network MachinesDelivering more proof that the Log4Shell vulnerability is endemic, Akamai researchers detected botnet malware updated to use the flaw as an infection vector. Log4Shell burst into public awareness in late 2021 when security researchers identified a flaw in the ubiquitous Apache Log4J 2 Java library.