Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 13 most recent headlines Filtered view

Adobe is warning of a critical vulnerability (CVE-2025-54236) in its Commerce and Magento Open Source platforms that researchers call SessionReaper and describe as one of " the most severe" flaws in the history of the product. [...]

A pre-authenticated remote code execution vulnerability has been disclosed in dotCMS, an open-source content management system written in Java and "used by over 10,000 clients in over 70 countries around the globe, from Fortune 500 brands and mid-sized businesses." The critical flaw, tracked as CVE-2022-26352, stems from a directory traversal attack when performing file uploads, enabling an

Offensive security researchers have created exploit code for CVE-2022-24086, the critical vulnerability affecting Adobe Commerce and Magento Open Source that Adobe that patched in an out-of-band update last Sunday. [...]