Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack
Second try's a charm?
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Second try's a charm?
Second try's a charm? Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are exploiting a zero-click Windows flaw that can expose sensitive information on vulnerable systems.…
Also: How AI May Democratize Cybercrime and How Everyday Routers Enable EspionageIn this week's ISMG panel, four ISMG editors discussed big shifts in cybersecurity: Anthropic's "dangerous" new AI model that can uncover thousands of zero-days, growing concerns about a surge in AI-driven flaws, and the FBI disrupting a Russian espionage campaign targeting everyday routers.
Also, Lloyds Data Leak, Dutch Treasury Breach, Citrix Bug Exploit, Pay2Key ActivityThis week, Lloyds data leak hits 450K, Dutch treasury breach, Citrix flaw exploited, Iran-linked ransomware ops, TrueConf zero-day, Russian fraud ring sentenced, Romania targeted, patch gaps persist, and U.S. hospital breach affects 257K.
A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai
The U.S. Treasury Department has sanctioned a Russian exploit broker who bought stolen hacking tools from a former executive of a U.S. defense contractor. [...]
A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to a little over seven years in prison for selling eight zero-day exploits to Russian exploit broker Operation Zero in exchange for millions of dollars
The former head of Trenchant, a specialized U.S. defense contractor unit, was sentenced Tuesday to more than seven years in federal prison for stealing and selling zero-day exploits to a Russian exploit broker whose clients include the Russian government. [...]
PLUS: Fake ransomware group exposed; EC blesses Google's big Wiz deal; Alleged sewage hacker cuffed; And more Infosec in Brief The former General Manager of defense contractor L3Harris’s cyber subsidiary Trenchant sold eight zero-day exploit kits to Russia, according to a court filing last week.…
Ukraine’s CERT says the bug went from disclosure to active exploitation in days Russia-linked attackers are already exploiting Microsoft's latest Office zero-day, with Ukraine's national cyber defense team warning that the same bug is being used to target government agencies inside the country and organizations across the EU.…
The former general manager of defense contractor Trenchant has admitted selling zero-days to Russian broker
Signs Point to Multiple Exploit Chains, One Including a Zero-Day, Being EmployedData-stealing attacks targeting Oracle E-Business Suite, for which an affiliate of Russian-speaking Clop ransomware group is claiming credit, appear to have begun by August and involved multiple attack chains, of which one targeted a zero-day vulnerability, report Google threat researchers.
Security Experts Advise Immediate Patching; Zero-Day Attacks Began Last MonthAffiliates of Russian-speaking ransomware operation Medusa began targeting a zero-day vulnerability in widely used Fortra GoAnywhere Managed File Transfer software one week before the vendor issued a security alert, patch and mitigation instructions for the flaw, say security experts.
Also: Spain Defies Pressure to Eject Huawei, Hackers Leak North Korea Kimsuky DataThis week, Norway said Russian hackers attacked a flood gate, Spain defied pressure to eject Huawei, a cyberattack against the Office of the Pennsylvania Attorney General. Hackers leaked stolen North Korean Kimsuky data, Microsoft patched a Kerberos zero-day and a big Chrome bug bounty.
RomCom Group Deployed SnipBot, RustyClaw and Mythic Agent VariantsA Russian speaking hacking group is exploiting a zero-day flaw in WinRAR, a sign of the group's growing sophistication and evolution from a cybercrime outfit into a cyberespionage operation. The campaign exploited a vulnerability now tracked as CVE-2025-8088, a path traversal vulnerability.
A few weeks earlier 'zeroplayer' advertised an $80K WinRAR 0-day exploit Russia-linked attackers found and exploited a high-severity WinRAR vulnerability before the maintainers of the Windows file archiver issued a fix.…
Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian 'RomCom' hacking group to drop different malware payloads. [...]
Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities
A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET
The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp