Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 8 most recent headlines Filtered view

2 More Vulnerabilities Need Patching in React Server Components, Warns VercelMass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.

Bank Info Security 11 months, 2 weeks ago

AI Agents Can Hack Smart Contracts on Autopilot

AI Tools Can Steal Crypto Autonomously, Even From Audited CodeArmed with just a smart contract address, researchers developed an autonomous artificial intelligence tool that can scan for vulnerabilities, write working exploits in the Solidity blockchain programming language and siphon funds. "It behaves more like a human hacker," said its co-creator.

Bank Info Security 1 year, 5 months ago

Cryptohack Roundup: Critical Ethereum Vulnerability

Also: Conviction in £1.5M Fraud, Sentencing in Torture and Theft CaseThis week's stories include a critical Ethereum vulnerability, conviction in a £1.5M fraud, sentencing in a torture and crypto theft case, SEC's new roadmap, Jan crypto stats, Coinbase social engineering victims, and U.S. lawmakers' digital assets working group.

Bank Info Security 1 year, 10 months ago

North Korean Hackers Tied to Exploits of Chromium Zero-Day

Cryptocurrency Users Targeted in Latest Campaign Involving FudModule RootkitA hacking group tied to North Korea exploited a zero-day vulnerability in the open source Google Chromium web browser to try and steal cryptocurrency, Microsoft said. The attack campaign is the latest to involve a sophisticated North Korean rootkit called FudModule. Google has fixed the flaw.

Bank Info Security 1 year, 10 months ago

North Korea Exploited Windows Zero-Day to Deploy Fudmodule

Lazarus Espionage Group's Sophisticated Malware Evades Antivirus MonitoringNorth Korea's Lazarus hacking team, which focuses on cryptocurrency theft and espionage, has once again been exploiting a zero-day vulnerability in Microsoft Windows to install antivirus-suppressing malware dubbed Fudmodule to aid its intrusions.

Bank Info Security 2 years, 1 month ago

RedTail Cryptomining Malware Exploits PAN-OS Vulnerability

Threat Actors Mirror the Tactics of North Korea's Lazarus GroupCryptomining malware that might be North Korean in origin is targeting edge devices, including a zero-day in Palo Alto Networks' custom operating system that the company hurriedly patched in April. It appears threat actors operate their own mining pools or pool proxies rather than using public ones.

Bank Info Security 2 years, 3 months ago

Possible Chinese Hackers Use OpenMetadata to Cryptomine

Hackers Target OpenMetadata Platforms Running on Cloud Kubernetes EnvironmentsHackers who appear to be Chinese are exploiting vulnerabilities in the OpenMetadata platform running as workloads on Kubernetes clusters to download cryptomining software, warned Microsoft. "I want to buy a car," the hackers tell victims in a note and solicit monero donations.

Bank Info Security 2 years, 5 months ago

Cyber Fail: When Ransomware Gangs Get Careless

Also: Rampant App Vulnerabilities, Cloud Misconfiguration and Why CISOs MatterWelcome to "Cyber Fail," where our experts uncover fails so we can all strengthen our defenses. Today, we examine what happens when ransomware groups get careless, application developers' laissez-faire attitude toward vulnerabilities, and the security woes of a beleaguered crypto exchange.