Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

167 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 167 Filtered view

Mark McClain on Why Governance Is the Foundation for Managing Non-Human IdentitiesSailPoint CEO Mark McClain says AI agents should be governed through human identity policies rather than managed independently, arguing that credential visibility, access governance and regulatory compliance will become foundational as enterprises scale up AI adoption.

Bank Info Security 4 days, 21 hours ago

Jscrambler npm Breach Exposes Developers to Malware

Malware Harvested Cloud Credentials, Source Code and Deployment TokensAttackers used a compromised npm publishing credential to release five malicious versions of Jscrambler's Code Integrity package, deploying a Rust-based infostealer that harvested developer, cloud and AI tool credentials while evolving its delivery methods to evade detection.

Details have emerged about three now-patched security flaws in the OpenClaw personal artificial intelligence (AI) assistant that, if successfully exploited, could enable credential theft, privilege escalation, and arbitrary code execution on the host

Convince an AI browser that it is playing a game, and it can hand over your login details. That is the finding behind BioShocking, a technique from security firm LayerX that tricked six AI browsers and assistants into copying a user's credentials and sending them to an attacker

A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon has patched it

Trend Micro Research, News and Perspectives 1 month ago

Threat Actors Abuse claude.ai Shared Chat for ClickFix Malvertising Campaign

Cybercriminals hijacked Google Ads searches for popular AI developer tools to funnel over 2,000 victims toward malicious download pages before quietly moving their operation onto claude.ai's own platform, turning the trusted domain into a delivery mechanism for credential-stealing malware.

Startup Targets Incumbents Doing Directories, Authentication, Federation and SSONewCore, founded by Dome9 creator Zohar Alon, emerged from stealth with $66 million to build security-first identity infrastructure designed to manage the explosion of autonomous AI agents, machine identities and cryptographic credentials expected across modern enterprises.

Buying New York Startup Adds Just-in-Time Authorization and Governance Controls1Password acquired access governance startup Apono to combine credential security, just-in-time authorization and intent-based access controls into a unified platform designed to govern humans, machines and AI agents while reducing risks tied to static permissions.

The Gentlemen ransomware used infostealer credentials, AI tools, and affiliates to hit 483 victims across 66 countries in under a year. The Gentlemen surfaced as a ransomware operation in September 2025 and by June 13, 2026 had listed 483 victims on their dark-web leak site, 380 of them in 2026 alone. That makes them the […]

It's been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there's a supply chain attack kit in a public repo, a $5,000-a-month RAT that clones browsers, and research showing AI agents can be tricked into leaking real credentials

The Miasma worm compromised 73 Microsoft GitHub repos, spreading via AI coding tools and stealing cloud credentials from developers and CI/CD systems. A self-replicating worm called Miasma has compromised 73 Microsoft GitHub repositories and forced GitHub staff to disable them. The affected repos include core Azure infrastructure like azure-functions-host and the entire Durable Task family […]

Bank Info Security 1 month, 1 week ago

Miasma Worm Hits Microsoft's AI Coding Ecosystem

Attackers Compromised More Than 70 Microsoft Repositories in Under 2 MinutesAttackers linked to the Miasma supply-chain campaign compromised a Microsoft contributor account and pushed malicious code into more than 70 repositories, using artificial intelligence-assisted coding tools as an infection path to steal credentials and developer secrets at scale.

Loading more headlines...