Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

218 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 218 Filtered view

Also: AscendEX Shuts Down; Ethereum Foundation on AI Bug HuntingThis week, Ostium paused trading, AscendEX shut down, Ethereum said AI hastens bug hunting, not verification, the United States charged an inmate over seized transfer, ex-Sheriff's deputy jailed for extortion, Tangem card security, Iran-linked wallets sanctions and the U.S. may drop BitClub charges.

Bank Info Security 1 week, 1 day ago

AI Coding Tools Can Fake Approval Prompts

Old Unix Symlink Trick Lets Malicious Code Bypass User ChecksWiz researchers found that six popular AI coding assistants can be tricked into modifying sensitive files, including SSH keys, while their approval prompts display a harmless filename. The GhostApproval technique exploits a decades-old Unix symlink behavior to mislead users.

AutoJack is a novel exploit chain showing how a single malicious webpage can turn an AI browsing agent into a remote code execution vector on the host machine. By abusing trust in localhost, missing authentication, and unsafe parameter handling, attackers can trigger arbitrary process execution through AutoGen Studio’s MCP WebSocket. The research highlights a broader pattern - when agents can browse untrusted content and access local services, traditional boundaries like localhost are no longer secure. The post AutoJack: How a single page can RCE the host running your AI agent  appeared first on Microsoft Security Blog.

Lightspeed Funds Will Support Defenses Against Continuous, Machine-Led ExploitationA Security, founded by former Sygnia executive Yossi Torati, emerged from stealth with $37 million to build defenses against weaponized AI that can automate discovery, exploit attack paths and manipulate agentic systems faster than human security teams can respond.

Evaluations of Claude Mythos 5 Elevates Offensive Cyber, But Isn't Fully AutonomousAnthropic says its new Claude Mythos 5 model that debuted Tuesday can consistently discover vulnerabilities, build exploit chains and assist attacks on weak enterprise networks, but remains below the threshold for fully autonomous large-scale cyber operations.

Bank Info Security 1 month, 1 week ago

AI Exploit Risks Pushing Healthcare Security Shift

MultiCare Health CISO Jason Elrod on Need for Faster Cyber ResilienceEmerging AI tools can identify and exploit software vulnerabilities within minutes, forcing healthcare organizations to rethink cyber strategies. Jason Elrod, CISO of MultiCare Health System, explains why exploitability management, microsegmentation and AI-driven resilience matter more than ever.

Bank Info Security 1 month, 2 weeks ago

Cryptohack Roundup: US Strikes Iran's Crypto Network

Also: Former Hodlnaut CEO Charged and Stake DAO Hit by ExploitEvery week, ISMG rounds up cybersecurity incidents in digital assets. This week, the U.S. sanctioned Iran's largest exchange, ex-Hodlnaut CEO faced charges, the U.S. Securities and Exchange Commission sued over a $12.3M AI crypto scam and exploits hit Gravity Bridge, Stake DAO and Gnosis Pay.

Loading more headlines...