Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

14 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 14 most recent headlines Filtered view

DirtyClone: a Linux kernel privilege escalation that silently rewrites executables in memory, leaving no disk trace. Patch now. JFrog Security Research published a working exploit walkthrough on June 25 for CVE-2026-43503 (CVSS score of 8.8), a Linux kernel privilege escalation they call DirtyClone. It’s the fourth vulnerability in the DirtyFrag family, all sharing the same […]

Bank Info Security 2 months, 1 week ago

'Dirty Frag' Gives Root on Linux Distros

No Patches Yet Available, After Third Party Published Vulnerability DetailsSecurity researchers have discovered a new, critical flaw in the Linux kernel that attackers can exploit to gain root access. No patches are yet available to fix "Dirty Frag," the second new local privilege escalation flaw to be found in two weeks, following the similar "Copy Fail" vulnerability.

Bank Info Security 1 year, 1 month ago

Linux Crash Dump Flaws Expose Passwords, Encryption Keys

Race-Condition Bugs in Ubuntu and Red Hat Tools Could Leak Sensitive Memory DataHackers could exploit a tool that stores crashed system data in older Linux operating systems to obtain passwords and encryption keys, warn researchers. The flaw lies in the way certain Linux distributions, including Ubuntu, Red Hat, and Fedora, handle application crashes.

Bank Info Security 2 years, 7 months ago

CISA Urges Patching as Hackers Exploit 'Looney Tunables' Bug

Kinsing Threat Actor Observed Targeting Vulnerable Cloud Environments With New FlawThe Cybersecurity and Infrastructure Security Agency is requiring federal agencies to patch Linux devices on their networks and urging private sector organizations to do the same after security researchers observed threat actors exploiting a new vulnerability on many major Linux distributions.

Details of an eight-year-old security vulnerability in the Linux kernel have emerged that the researchers say is "as nasty as Dirty Pipe." Dubbed DirtyCred by a group of academics from Northwestern University, the security weakness exploits a previously unknown flaw (CVE-2022-2588) to escalate privileges to the maximum level