Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 4 most recent headlines Filtered view

Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns hit npm, PyPI, and Docker Hub in a 48-hour window, and all three targeted secrets from developer environments and CI/CD pipelines, including API keys, cloud credentials, SSH keys, and tokens. This is

Trend Micro Research, News and Perspectives 3 months, 3 weeks ago

Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise

TeamPCP orchestrated one of the most sophisticated multi-ecosystem supply chain campaigns publicly documented to date that cascaded through developer tooling and compromised LiteLLM, exposing how AI proxy services that concentrate API keys and cloud credentials become high-value collateral when supply chain attacks compromise upstream dependencies.

Bank Info Security 1 year, 5 months ago

Modern Bank Heists 2025: Revenge of the Zero Days

Tom Kellermann's Annual Report on Key Threats to Financial SectorZero days. Supply chain attacks. APIs and cloud environments as growing threat vectors. These are among the topics discussed in this seventh annual Modern Bank Heists report, and author Tom Kellermann discusses their impact on financial institutions - and which defensive gaps need to be filled now.