Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 17 most recent headlines Filtered view
Bank Info Security 2 months ago

AI-Built Zero-Day Nearly Powered Mass Attack

Google Says Criminals Used AI to Discover and Code ExploitA cybercriminal group came close to launching a mass attack earlier this year, armed with a software exploit that an AI model had built from scratch, said Google researchers. Google said it worked with the affected vendor to patch the flaw before an attack could be launched.

Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the technology has been put to use in the wild in a malicious context for vulnerability discovery and exploit generation

Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning (SEO) techniques and artificial intelligence (AI)-generated content to push deceptive news stories into Google's Discover feed and trick users into enabling persistent browser notifications that lead to scareware and financial scams

China, Iran, North Korea Hackers Exploit Gemini Across Attack Life CycleState-backed hackers weaponized Google's artificial intelligence model Gemini to accelerate cyberattacks, using the productivity tool as an offensive asset for reconnaissance, social engineering and malware development. Google said it has disabled accounts and strengthened defenses.

This week saw a lot of new cyber trouble. Hackers hit Fortinet and Chrome with new 0-day bugs. They also broke into supply chains and SaaS tools. Many hid inside trusted apps, browser alerts, and software updates

Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google's Gemini artificial intelligence (AI) assistant that, if successfully exploited, could have exposed users to major privacy risks and data theft

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid authentication tokens for hundreds of online services that customers can integrate with Salesloft, including Slack, Google Workspace, Amazon S3, Microsoft Azure, and OpenAI.

Bank Info Security 1 year, 5 months ago

Nation State Groups Exploit Gemini AI App

Google Says Iranian and Chinese Threat Group the Most ActiveIranian and Chinese threat actors are using Google's artificial intelligence application Gemini for vulnerability scanning and reconnaissance activities, with some attempting to bypass security guardrails of the application, the computing giant disclosed.