Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 11 most recent headlines Filtered view

This week saw a lot of new cyber trouble. Hackers hit Fortinet and Chrome with new 0-day bugs. They also broke into supply chains and SaaS tools. Many hid inside trusted apps, browser alerts, and software updates

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid authentication tokens for hundreds of online services that customers can integrate with Salesloft, including Slack, Google Workspace, Amazon S3, Microsoft Azure, and OpenAI.

Also, Stolen Cookies for Sale, LexisNexis Breach and an FBI WarningThis week, Alcasec back in a Spanish jail, billions of stolen cookies and Chinese hackers used Google Calendar. LexisNexis and Adidas had breaches, a vishing warning from the FBI. ClickFix scammers used fake Google Meet pages, Victoria's Secret went offline. Microsoft will update all your software.

Bank Info Security 1 year, 2 months ago

Breach Roundup: Cookie Bite Exposes MFA Achilles Heel

Also, Blue Shield Breach Exposes 4.7M, Cyberattack Disrupts City Systems in TexasThis week, Cookie Bite bypasses MFA in Azure Entra ID, Microsoft fixed RDP Freezes, a ransomware attack in Catalonia, Blue Shield exposed data to Google, a cyberattack disrupted city systems in Texas, South Korean telecom breach exposed USIM data and a warning about North Korean IT deepfakes.

Bank Info Security 1 year, 3 months ago

Breach Roundup: Port of Seattle Notifies 90,000 Victims

Also, Oracle Denies Cloud Breach, Blames Hack on Obsolete ServersThis week, Port of Seattle notified victims, Oracle blamed hack on obsolete servers, Google and Microsoft released April patches, WK Kellogg breached, six arrested in Spain for AI-investment scam, Scattered Spider's "King Bob" pleaded guilty, SmokeLoader users busted.

Also: Google Fixes YouTube Vulnerabilities That Could Have Exposed User EmailsThis week: Microsoft, Ivanti and Google release fixes for critical vulnerabilities and urge priority patching; Lee Enterprises confirms a cyberattack disrupted newspaper operations; and thousands of KerioControl Firewalls exposed to critical remote code execution flaws.

Bank Info Security 1 year, 9 months ago

Breach Roundup: Brazilian Police Arrest USDoD

Also: Internet Archive Limps Back Online, Beware Kerbertoasing and Passkey TakeupThis week, Brazilian police arrested USDoD, Internet Archive is recovering, a Microsoft warning over Kerberoasting and of mounting phishing attacks, Google touted memory safety efforts, Volkswagen said no harm after ransomware attack, and Amazon reported over 175 million customers using passkeys.

Bank Info Security 2 years, 2 months ago

Breach Roundup: Kimsuky Serves Linux Trojan

Also: Turla Targets European Missions and Google Patches Chrome Zero-DaysThis week, hackers used a Linus backdoor and a Microsoft client management tool; Santander Bank, the Helsinki Education Division, an Australian energy provider and auction house Christie's were breached; hackers targeted European missions in the Middle East; and Google patched a zero-day flaw.

Bank Info Security 2 years, 4 months ago

Breach Roundup: US FCC Authorizes IoT Cybersecurity Label

Also: Catching Up With Spain's Most Dangerous HackerThis week, the FCC OK'd cybersecurity labeling, DarkGate exploited Google, Fortinet patched a bug, cyberattacks hit the French government and employment agencies, Google restricted Gemini AI chatbot and paid bug bounties, Microsoft had Patch Tuesday, Marine Max was attacked, and Alcasec moved on.