Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

7 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 7 most recent headlines Filtered view

Microsoft Urges Immediate Mitigation as State Actors Target SharePoint FlawHackers breached a sensitive database containing office locations and personal details of elected officials and staff in Canada's House of Commons. Hackers were able to "exploit a recent Microsoft vulnerability," according to an internal email sent to members and staff.

Bank Info Security 1 year, 2 months ago

Tracking Bugs: European Vulnerability Database Goes Live

EU Cybersecurity Agency-Run EUVD Tracks Mitigation Measures, Exploitation StatusEurope's new vulnerability-tracking service is now live. As mandated by the EU's NIS2 Directive, the European Vulnerability Database, or EUVD, is designed to be a one-stop shop for accessing aggregated, public information pertaining to known vulnerabilities in software and hardware.

Agency Calls Former Deadline to Clear Major Vulnerability Backlog Too 'Optimistic'The National Institute of Standards and Technology is still struggling with a backlog of over 19,000 security vulnerabilities in its National Vulnerability Database, according to a recent announcement, which acknowledged initial projections to clear the unassessed software flaws were too optimistic.

Bank Info Security 1 year, 8 months ago

Google AI Agent Finds Zero-Day in Popular Database Engine

Now-Fixed Flaw Is Big Sleep's First Real-World Bug Find, Say ResearchersGoogle's "highly experimental" artificial intelligence agent Big Sleep has autonomously discovered an exploitable memory flaw in popular open-source database engine SQLite. The researchers detail how the AI agent discovered the now-patched vulnerability.

Agency Awards Contract for Additional Staffing to Cope With Massive Backlog of CVEsThe U.S. National Institute of Standards and Technology announced plans to resume processing new vulnerabilities for the National Vulnerability Database after funding cuts forced the agency to stop tracking common vulnerabilities and exposures in the critical repository.

Bank Info Security 2 years, 2 months ago

Experts Warn the NVD Backlog Is Reaching a Breaking Point

Federal Database Nears 10,000 Unanalyzed Vulnerabilities Amid Halt in OperationsThe National Vulnerability Database is currently suffering from a backlog of nearly 10,000 unanalyzed common vulnerabilities and exposures amid an apparent halt in data enrichment operations and a growing debate over who should be in charge of overseeing the massive security risk library.

Bank Info Security 2 years, 6 months ago

Kyocera Printers Open to Path Traversal Attacks

Path Traversal Flaw Allows Malicious Actors to Exploit Kyocera's Device ManagerResearchers found a path traversal vulnerability in Kyocera's Device Manager product, which is used for overseeing large printer fleets in mid- to large-sized enterprises. Attackers could exploit the flaw to obtain NTLM hashes by changing the location of a backup database.