Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

66 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 66 Filtered view

Threat Actor Silently Forwarded Sensitive Emails Matching Strategic TopicsGoogle says Chinese espionage group UNC6508 compromised REDCap environments at North American research institutions, deployed custom malware, stole credentials and covertly forwarded strategically relevant emails through abused compliance rules to support long-term intelligence collection.

Malware Targets Banks, Crypto Platforms and Social MediaNewly surfaced Android-based banking Trojan gives threat actors near-total control over infected devices, letting them steal user credentials for direct access to financial accounts, says researchers. Rokarolla tricks users into side-loading malicious versions of popular, high traffic apps.

Prolific Threat Actor Focused on Using Malware to Facilitate Cargo TheftCargo-stealing hackers have a new trick up their sleeve: using a third-party code-signing service makes their remote management and monitoring software installers appear to be legitimate. Who's providing this signing service isn't clear. It's probably distributed by word of mouth.

Bank Info Security 4 months, 3 weeks ago

Cashing Out: ATM Jackpotting Attacks Surging Across US

$20M Stolen Last Year in Malware-Driven Jackpotting Attacks, Warns FBIMalware-wielding criminals "jackpotted" ATMs across the United States last year to walk away with $20 million thanks to "cash-out" attacks. Tracking that collective haul, the FBI said such attacks are on the rise, and urged operators to implement a range of physical and hardware-level defenses.

Bank Info Security 4 months, 4 weeks ago

Massiv Attack: Android Trojan Targets IPTV Users

New Trojan May Soon Be Offered for Sale to Criminal UndergroundSecurity researchers warn of "Massiv," an Android Trojan - disguised as an IPTV app - targeting users who sideload streaming apps. The malware enables screen capture, overlays and credential theft - and may soon be marketed on criminal underground forums as malware as a service.

Bank Info Security 5 months, 4 weeks ago

Over-the-Air Software Updates Pose Risks to Vehicles

eSync Alliance Chair Shrikant Acharya on How Standardization Can Prevent BreachesOver-the-air updates are an irreplaceable part of software-defined vehicles, giving manufacturers a convenient way of remotely fixing and upgrading vehicles. If not appropriately secured, over-the-air updates can become a gateway for data theft, malware injection, vehicle theft and even injury.

Bank Info Security 6 months, 1 week ago

Missing MFA Strikes Again: Hacker Hits Collaboration Tools

Terabytes of Data Stolen From Cloud-Based Collaboration Tools, Researchers WarnDozens of organizations that use real-time content collaboration platforms appear to have lost not only credentials but also terabytes of hosted data to information-stealing malware being wielded by an initial access broker with a sideline in auctioning large volumes of stolen data.

Bank Info Security 7 months, 1 week ago

Google Patches AI Flaw That Turned Gemini Into a Spy

Zero-Click Vulnerability Let Attackers Weaponize Enterprise AI AssistantGoogle patched a vulnerability in Gemini Enterprise that allowed attackers to steal corporate data through a shared document, calendar invitation or email without any user action or security alerts. No malware was executed, no credentials were phished and no data left through approved channels.

Bank Info Security 8 months, 2 weeks ago

Russian Police Bust Suspected Meduza Infostealer Developers

3 'Young IT Specialists' Arrested After Malware Tied to Government Agency InfectionRussian police have arrested "three young IT specialists" in Moscow, charging them with developing and selling the notorious Meduza information-stealing malware, and members of their group using the infostealer to breach a Russian government institution in May and exfiltrate data.

Bank Info Security 8 months, 3 weeks ago

Infostealers Run Wild

Malware Captures Billions of CredentialsThe threat posed by information-stealing malware continues to rise, as it mass harvests ever-greater quantities of user credentials and offers them for sale across the cybercrime underground. Researchers have recently tracked 1.8 billion stolen credentials being sold across illicit marketplaces.

Bank Info Security 9 months, 1 week ago

AI Browsers Vulnerable to Data Theft, Malware

AI Actions Bypass Security ToolsArtificial intelligence-powered browsers could expose enterprises to data theft, malware distribution and unauthorized access to corporate apps, new research shows. AI browsers built to complete tasks autonomously lack the security awareness to verify whether an instruction is safe.

Bank Info Security 9 months, 3 weeks ago

Phishing Campaign Lobs Malicious SVG Attachments at Ukraine

Government Agencies Targeted With Infostealers and Cryptomining MalwareA fake police alert is the social engineering cornerstone of an ongoing phishing campaign targeting Ukrainian government agencies, warn security researchers. They're tracking a surge in malicious SVG file attachments, in this case leading to information-stealing and cryptocurrency-mining malware.

Bank Info Security 10 months, 1 week ago

Hackers Compromise 18 NPM Packages in Supply Chain Attack

Attacker Socially Engineered Developer With Phishing EmailA hacker laced 18 popular npm packages with cryptocurrency stealing malware after socially engineering the developer into giving up his credentials to the JavaScript runtime environment. Aikido Security said the 18 software packages collectively have downloads of more than two billion each week.

Bank Info Security 10 months, 1 week ago

Sextortion Risk Alert as Infostealer Can Grab Webcam Images

Free Stealerium Malware Grabs Desktop and Webcam Images When NSFW Content DetectedBlackmailers have long spammed internet users, claiming to have captured images of them accessing adult content. Lately, these sextortion criminals have a new trick up their sleeve: the real thing, thanks to information-stealing malware with a NSFW content trigger to grab webcam and desktop images.

Bank Info Security 11 months, 1 week ago

Cryptohack Roundup: Verdict in Tornado Cash Founder's Case

Also: Samourai Wallet Co-Founders' Guilty Plea, Coinbase Loss From Data TheftThis week, Tornado Cash co-founder convicted, Samourai Wallet guilty plea, Coinbase insider data theft, a U.S. court overturned an OpenSea executive's fraud conviction, AI-written malware stole crypto, Credix exploit, CZ sought dismissal of FTX claim, July hacks and a FinCEN crypto ATM warning.

Bank Info Security 11 months, 2 weeks ago

Russia's Flag Carrier Cancels Flights After Hack Attack

Aeroflot Hit With Wiper Malware, Claim Pro-Ukrainian Hackers From BelarusRussia's largest airline, Aeroflot, canceled dozens of flights on Monday and delayed more due to an IT disruption. Two pro-Ukrainian hacking groups from Belarus claimed to have wiped stolen extensive customer data before wiping 7,000 physical and virtual servers used by the airline.

Also: CoinMarketCap Attack, BitPro Blames Lazarus for $11M HackThis week, a new malware targeted crypto wallets via photos, CoinMarketCap faced attack, BitoPro blamed Lazarus for heist, Trezor warned of phishing scam, France saw another crypto kidnapping, cops re-arrested teen after second theft, Hacken blamed human error for exploit and Self Chain ousted CEO.

Trojanized NetExtender Installer Exfiltrates Data to Hardcoded IP AddressFake versions of SonicWall VPN software contain a credential-stealing Trojan, the California network security company warned Monday. Imposter versions of tools such as VPNs, virtual desktops and software development tools "are often laced with infostealers."

Loading more headlines...