Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

34 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 34 Filtered view
Bank Info Security 4 months, 1 week ago

Salesforce Sounds Alarm Over Fresh Data Extortion Campaign

CRM-Obsessed ShinyHunters Gang Exploits Misconfigured Customer Experience PortalsA prolific and noisy cybercrime gang with a penchant for stealing Salesforce customers' data and holding it ransom is taking advantage of misconfigured guest accounts meant to provide public access to services meant to remain private, using a Google scanning tool to identify vulnerable accounts.

Bank Info Security 4 months, 3 weeks ago

Police Target Violent Online Predators Incubated by the Com

28 Countries Join Forces to Pursue Violent Online Extremism Targeting ChildrenA global law enforcement initiative to coordinate the disruption of violent online extremism targeting minors and vulnerable individuals swept up 30 suspected members of "The Com," the decentralized, largely Western adolescent cybercrime community.

Bank Info Security 5 months, 3 weeks ago

AI-Driven Attacks and the Future of Security

AI is changing cybercrime in a big way. Autonomous AI agents could soon carry out entire attacks on their own -scanning servers, testing vulnerabilities, refining exploits and even launching phishing campaigns from start to finish, said David Sancho, senior threat researcher at Trend Micro.

Bank Info Security 6 months, 3 weeks ago

AI-Driven Attacks and the Future of Security

AI is changing cybercrime in a big way. Autonomous AI agents could soon carry out entire attacks on their own -scanning servers, testing vulnerabilities, refining exploits and even launching phishing campaigns from start to finish, said David Sancho, senior threat researcher at Trend Micro.

2 More Vulnerabilities Need Patching in React Server Components, Warns VercelMass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.

Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure

Bank Info Security 11 months ago

Russian Hackers Exploit WinRAR Zero-Day

RomCom Group Deployed SnipBot, RustyClaw and Mythic Agent VariantsA Russian speaking hacking group is exploiting a zero-day flaw in WinRAR, a sign of the group's growing sophistication and evolution from a cybercrime outfit into a cyberespionage operation. The campaign exploited a vulnerability now tracked as CVE-2025-8088, a path traversal vulnerability.

Bank Info Security 1 year, 3 months ago

Rash of Hacks Hits Nursing Homes and Rehab Centers

Why Are Facilities Caring for the Elderly 'Targets of Opportunity' For Cybercrime?More than a half dozen nursing homes and rehabilitation centers have reported an assortment of major hacks in the last month affecting a total of more than 130,000 individuals. What makes facilities caring for elderly and disabled patients an attractive and vulnerable target to cybercriminals?

Espionage and Cybercrime Campaign Tied to 7-Zip Mark-of-the-Web Bypass HitsRussian hackers targeting Ukrainian government agencies and businesses - including a major automotive manufacturer - have been targeting a zero-day vulnerability in the open source and widely used 7-Zip archive utility, to infect systems with credential-stealing SmokeLoader malware.

Bank Info Security 1 year, 9 months ago

Breach Roundup: AI 'Nudify' Sites Serve Malware

Also: Prison Sentences for BEC Scammers and a West African Cybercrime CrackdownThis week, AI nudify sites spread malware, BEC scammers head to prison, London man charged with hacking, and a Spanish insurance company with a breach. Also, a North Korean hacking group and a West African crackdown on online scammers. And, a Schrödinger Windows vulnerability: Is it real?

The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available. [...]

Loading more headlines...