Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

24 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 24 Filtered view

This CVSS 10.0 RCE vuln has been patched, automatically for some, so better check those workflows If you use Gemini CLI, watch out: Google has patched a CVSS 10.0 vulnerability in its command-line AI tool and is warning anyone running it in headless mode, or through GitHub Actions, to review their workflows.…

Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads

Bank Info Security 8 months, 2 weeks ago

Hypervisors, the Next Big Target for Hackers

Google Warns of Cyber Trends Gaining TractionThe virtualized layer of technology underpinning modern IT deployments is transforming from a strength to a cybersecurity vulnerability, warns Google in a report extrapolating current trends. A confluence of factors are converting virtualized environments into a "critical blind spot."

Google’s Mandiant Warns About Remote Attacks Disrupting Grid StabilityVulnerabilities in networked devices programmed to instantaneously trip power grid substation circuit breakers could be the means hackers use to cause the next blackout, warn researchers. There are "systemic patterns across substations, utilities and industrial sites worldwide," Mandiant warned.

Bank Info Security 2 years, 6 months ago

Chrome Patches First Zero-Day of 2024 Exploited in the Wild

Google Fixes Out-of-Bounds Memory Access Flaw, Microsoft Edge Browser Also AffectedGoogle released an urgent fix for the first zero-day vulnerability of the year in its Chrome web browser, warning the bug is under active exploitation. Google blamed an out-of-bounds memory access flaw in its V8 JavaScript rendering engine. It also affects Microsoft Edge browser.

The U.S. Cybersecurity and Infrastructure Security Agency has added two vulnerabilities to the Known Exploited Vulnerabilities catalog, a recently patched flaw in Google Chrome and a bug affecting an open-source Perl library for reading information in an Excel file called Spreadsheet::ParseExcel. [...]

ALSO: Verizon turns self in for reduced fine, malvertising comes to macOS, and this week's critical vulnerabilities In brief Watch out, cyber security researchers: Suspected North Korean-backed hackers are targeting members of the infosec community again, according to Google's Threat Analysis Group (TAG).…

Loading more headlines...