Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 5 most recent headlines Filtered view

Hackers exploit CVE-2026-3300 in Everest Forms Pro to inject PHP via form fields, creating rogue admin accounts. 29,300 attempts blocked. Researcher h0xilo submitted a flaw in Everest Forms Pro for WordPress, tracked as CVE-2026-3300, to Wordfence’s bug bounty program and earned $325 for it. WPEverest patched the flaw on March 18. Wordfence published a full […]

Bank Info Security 1 year, 5 months ago

Attackers Exploit Palo Alto Zero-Day Authentication Bypass

Surge in Attack Attempts Spotted After Palo Alto Networks Details and Patches FlawAttackers have stepped up efforts to exploit a vulnerability in the software that runs Palo Alto Networks firewall appliances that could give them direct access to the underlying software. Unauthenticated hackers could use PHP scripts to bypass the PAN-OS management web interface.

Bank Info Security 2 years, 1 month ago

Ransomware Gang TellYouThePass Exploits PHP Vulnerability

Flaw Allows Unauthenticated Attackers to Execute Arbitrary CodeA ransomware operation with a history of exploiting widespread internet vulnerabilities lost little time in making use of a critical severity vulnerability in scripting language PHP. The TellYouThePass ransomware group sees opportunity whenever system administrators must scramble to patch systems.

Bank Info Security 2 years, 1 month ago

Critical PHP Vulnerability Threatens Windows Servers

Remote Code Execution Exploit Found; Patch Now AvailableA critical remote code execution vulnerability in PHP for Windows, affecting all releases since version 5.x, requires immediate action from server administrators. The flaw enables attackers to execute arbitrary code on remote PHP servers through an argument injection attack.