Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

16 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 16 most recent headlines Filtered view

Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution

Microsoft Patch Tuesday security updates for June 2026 fix a record 208 CVEs, including one actively exploited zero-day and multiple critical RCE flaws. Microsoft Patch Tuesday security updates for June 2026 mark a record. Microsoft shipped fixes for 208 CVEs across Windows, Office, Azure, Exchange, Hyper-V, Secure Boot, BitLocker, and a range of AI tooling. […]

This CVSS 10.0 RCE vuln has been patched, automatically for some, so better check those workflows If you use Gemini CLI, watch out: Google has patched a CVSS 10.0 vulnerability in its command-line AI tool and is warning anyone running it in headless mode, or through GitHub Actions, to review their workflows.…

Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX) platform FreePBX, including a critical flaw that could result in an authentication bypass under certain configurations

Bank Info Security 11 months, 1 week ago

MCP Protocol Bug Let Attackers Execute Code in Cursor

Cursor Patched Flaw Days After Disclosure, Says Check PointCheck Point researchers found a RCE flaw in Cursor, an AI-powered code editor, by manipulating a previously approved model context protocol configuration. Once a developer approved a configuration file for an MCP server, any future changes to that file could be executed without further prompts.

Companies Eager for Tools Are Putting AI's Transformative Power Ahead of SecurityHackers targeting a popular open-source project for running artificial intelligence tool Ollama could run into a big "Probllama" if they haven't yet patched, said security researchers from Wiz. Companies are focusing on AI's transformative power at the cost of its security.

About a thousand vulnerable instances still exposed online, we're told A now-patched vulnerability in Ollama – a popular open source project for running LLMs – can lead to remote code execution, according to flaw finders who warned that upwards of 1,000 vulnerable instances remain exposed to the internet.…

Hackers Could Exploit Bug on Replicate to Steal Data, Manipulate AI ModelsAttackers could have exploited a now-mitigated critical vulnerability in the Replicate artificial intelligence platform to access private AI models and sensitive data, including proprietary knowledge and personal identifiable information.

Flaws enable privilege escalation and remote code execution Nvidia's AI-powered ChatRTX app launched just six week ago but already has received patches for two security vulnerabilities that enabled attack vectors, including privilege escalation and remote code execution.…