Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

19 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 19 most recent headlines Filtered view

Also, Arch Linux Attack, Estonia Quarantines Russian Emails, Joomla FlawThis week, ShinyHunters leaked alleged Madison Square Garden data, a U.S. senator pressed CISA on regional staffing cuts, an Arch Linux supply-chain attack, Mackay Sugar began recovery from a ransomware attack, Novo Nordisk faced dueling breach claims - and more compelling cybersecurity news.

Also, Eurail Breach, ChipSoft Hospital Disruptions, W3LL Phishing TakedownThis week, a "Raccoon"-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda scams, major data leaks hit healthcare and China, ransomware and phishing ops surged, and multiple breaches impacted firms and hospitals.

Bank Info Security 3 months, 2 weeks ago

Breach Roundup: Feds Confirm 'Major' Hack of FBI System

Also, Lloyds Data Leak, Dutch Treasury Breach, Citrix Bug Exploit, Pay2Key ActivityThis week, Lloyds data leak hits 450K, Dutch treasury breach, Citrix flaw exploited, Iran-linked ransomware ops, TrueConf zero-day, Russian fraud ring sentenced, Romania targeted, patch gaps persist, and U.S. hospital breach affects 257K.

Bank Info Security 4 months, 4 weeks ago

Breach Roundup: Cambodia Scam Center Crackdown

Also: EU Bans AI Tools, Notepad++ Secures Updater, Apple Patches iOS Zero-DayThis week, Cambodia shuttered 200 scam centers. EU Parliament banned AI tools. Canada Goose disputed a ShinyHunters leak. Notepad++ patched an updater flaw. Apple fixed a decades-old iOS zero-day. BeyondTrust and Dell patched critical flaws under active exploitation.

Also, Venezuela Cyberattack, Endesa Confirms Breach and Telegram IP LeakThis week, a software flaw caused the Verizon outage. U.S. cyberattack in Venezuela. ICE identities published online. BreachForums users leaked. Spanish energy provider Endesa data breach. Telegram privacy risk. A MuddyWater upgrade. Dutch man sentenced for hacking a maritime port. A ServiceNow patch.

Bank Info Security 6 months, 2 weeks ago

Breach Roundup: Clop Tied to Korean Air Vendor Breach

Also: China-Linked APT Hijack Updates, Condé Nast Data Leaked, La Poste HitThis week, a Clop-linked vendor breach hit Korean Air, a China-linked APT hijacked software updates, a critical zero-day flaw remained unpatched, Condé Nast faced a data leak, La Poste was disrupted and Korean police extradited a malware operation suspect.

Bank Info Security 8 months, 2 weeks ago

Hospital System Flaws Could Leak Patient Data, CISA Says

Agency Warns Vertikal Systems Vulnerabilities Could Help Hackers Access DataU.S. federal authorities are warning about vulnerabilities in hospital information management systems from Romanian firm Vertikal Systems that could allow hackers to obtain and disclose patient data. The affected systems are used mostly by smaller hospitals and clinics outside the United States.

Bank Info Security 9 months, 1 week ago

GitHub Copilot Chat Flaw Let Private Code Leak Via Images

Researcher Found Bug Could Exfiltrate Secrets Via Camo ImagesA now-patched flaw in GitHub Copilot Chat could have allowed attackers to steal private source code and secrets by embedding hidden prompts that hijacked the artificial intelligence assistant's responses. The exploit also used the code hosting platform's image proxy to leak the stolen data.

Deploy Emergency Patch for Zero-Day Flaw, Hunt for Signs of Intrusion, Warn ExpertsOracle patched a zero-day vulnerability in Oracle E-Business Suite and urged customers to immediately install the fix. The flaw has been exploited since August by the Clop ransomware group, and with exploit code now having leaked, experts expect to see many more attackers join the fray.

Bank Info Security 11 months, 2 weeks ago

Breach Roundup: Did China Have a Sneak Peek Into ToolShell?

Also: ToolShell Hits South Africa, Most Americans Are Online Fraud VictimsThis week: Did China sneak a peek into ToolShell? ToolShell hacking in South Africa, Cisco flaws, an Arizona woman sentenced for aiding North Korea. Most Americans scammed online, a NASCAR data breach and a claimed data leak at France's Naval Group. Orange telecom disrupted. Dating app Tea breach.

Also, Spain Arrests Hacker Behind Leaks Targeting Politicians and JournalistsThis week, Chinese sites mimicked brands, Spain arrested data leak hackers, Swiss health nonprofit ransomware attack, ICC probed a cyberattack, UNFI restored systems, a flaw in smart tractors, RomCom RAT. A U.K. man sentenced for locking employer out of network. A WordPress hack installs a Trojan.

Microsoft Patched Flaw Allowing Attackers to Hijack Copilot ResponsesA well-phrased email was all an attacker would have needed to trick Microsoft Copilot into handing over sensitive data until the operating system giant patched the vulnerability. The zero-click prompt injection attack vulnerability received a CVSS severity score of 9.3.

Bank Info Security 1 year, 1 month ago

Linux Crash Dump Flaws Expose Passwords, Encryption Keys

Race-Condition Bugs in Ubuntu and Red Hat Tools Could Leak Sensitive Memory DataHackers could exploit a tool that stores crashed system data in older Linux operating systems to obtain passwords and encryption keys, warn researchers. The flaw lies in the way certain Linux distributions, including Ubuntu, Red Hat, and Fedora, handle application crashes.

Prompt Injection, HTML Output Rendering Could Be Used for ExploitHackers can exploit vulnerabilities in a generative artificial intelligence assistant integrated across GitLab's DevSecOps platform to manipulate the model's output, exfiltrate source code and potentially deliver malicious content through the platform's user interface.

Bank Info Security 1 year, 5 months ago

Breach Roundup: DeepSeek Leaked Sensitive Data

Also: Infostealer Malware Compromises Mexican Government ComputersThis week, DeepSeek exposed sensitive data, hackers exploited unpatched Zyxel flaws, infostealer malware on Mexican government computers, Smiths Group incident, PowerSchool breach notifications, an Apple zero-day, XWorm RAT backdoor, and Credit Control Corporation settled a lawsuit.

Also: Interpol Says 'Pig Butchering' Shames Victims, A Data Leak Scandal in MexicoThis week, U.S. asks Israel to extradite an alleged LockBit coder, don't say "pig butchering," and an Apache Struts flaw. A hunt for alleged data thieves in Mexico, Europe probes TikTok and Netfilix fined 4.75 million. A ransomware attack against Texas medical centers and a credit union breach.

Bank Info Security 2 years, 5 months ago

Google Settles Google+ API Data Leak Lawsuit for $350M

Plaintiffs Alleged Google Sought to Cover Up API Flaw That Exposed Private DataSilicon Valley giant Google agreed to settle for $350 million a shareholder lawsuit alleging it mislead investors by attempting to cover up a privacy flaw in now-defunct social network Google+ that resulted in outside applications having access to private profile information.

Bank Info Security 2 years, 5 months ago

Popular GPUs Used in AI Systems Vulnerable to Memory Leak

LeftoverLocals Affects Apple, AMD and Qualcomm DevicesResearchers uncovered a critical vulnerability in graphic processing units of popular devices that could allow attackers to access data from large language models. They dubbed the vulnerability LeftoverLocals and said it affects the GPU frameworks of Apple, AMD and Qualcomm devices.

Bank Info Security 2 years, 5 months ago

Popular GPUs Used AI Systems Vulnerable to Memory Leak Flaw

LeftoverLocals Affects Apple, AMD and Qualcomm DevicesResearchers uncovered a critical vulnerability in graphic processing units of popular devices that could allow attackers to access data from large language models. They dubbed the vulnerability LeftoverLocals and said it affects the GPU frameworks of Apple, AMD and Qualcomm devices.