Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

49 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 49 Filtered view

Despite a 2025 patch, Russian-linked groups still exploit a WinRAR flaw (CVE-2025-8088) to deploy malware via phishing archives. CVE-2025-8088 is a path traversal flaw in WinRAR that lets an attacker write files outside the extraction directory using NTFS Alternate Data Streams. WinRAR fixed it in version 7.13 in July 2025. Nearly a year later, Trend […]

Also, Eurail Breach, ChipSoft Hospital Disruptions, W3LL Phishing TakedownThis week, a "Raccoon"-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda scams, major data leaks hit healthcare and China, ransomware and phishing ops surged, and multiple breaches impacted firms and hospitals.

Bank Info Security 3 months, 3 weeks ago

Breach Roundup: Tycoon2FA Phishing Platform Rebounds

Also, Russian Signal Phishing, Iran-Linked Malware, Breaches in Spain and FranceThis week, Tycoon 2FA, Trio-Tech, messaging app spying and a ransomware broker sentenced. Iran-linked hackers. Mazda disclosed a breach. Oracle patched a flaw. North Korean actors weaponized VS Code, a Spanish port ransomware attack, a French teacher data breach and a healthcare firm victim surge.

Also: Spanish Hacker Granted Russian Asylum, Microsoft Patches Zero-DaysThis week, a CISA warning, Nest footage in Nancy Guthrie case, Signal phishing. Spanish hacker, Russian asylum. Spanish ministry services offline. BYOVD ransomware. The Conduent breach hit Volvo. Microsoft patched zero-days. ZeroDayRAT targeted devices. The SmarterMail breach. Another Fortinet flaw.

Bank Info Security 5 months, 3 weeks ago

Breach Roundup: DOGE Uploaded Social Security Data to Cloud

Also, CIRO Phishing Breach, Ingram Micro Ransomware and CVE SurgeThis week, DOGE posted sensitive data on an outside server. A phishing attack affected 750,000 Canadians. A hacktivism warning from the U.K. NCSC. An Ingram Micro breach. CVEs surged in 2025. SK Telecom challenged a fine. Researchers disclosed Chainlit flaws. North Korean hackers abused VS Code.

Bank Info Security 6 months, 1 week ago

Breach Roundup: Firewalls Headed for Obsolescence

Also, Sedgwick Confirms Breach, Romanian Power Firm Hit, D-Link Flaws ExploitedThis week, Moody's said firewalls will be obsolete, Romanian critical infrastructure hacked, Sedgwick breach and a D-Link DSL flaw. Finland seized the Fitburg. Microsoft said Direct Send not to blame for Exchange phishing. Malicious Chrome extensions, European hotels targeted and health breaches.

Bank Info Security 6 months, 1 week ago

Breach Roundup: Firewalls Headed for Obsolesce

Also, Sedgwick Confirms Breach, Romanian Power Firm Hit, D-Link Flaws ExploitedThis week, Moody's said firewalls will be obsolete, Romanian critical infrastructure hacked, Sedgwick breach and a D-Link DSL flaw. Finland seized the Fitburg. Microsoft said Direct Send not to blame for Exchange phishing. Malicious Chrome extensions, European hotels targeted and health breaches.

Bank Info Security 7 months, 4 weeks ago

Breach Roundup: Cloudflare Outage Root Cause

Also: Fortinet Flaws, Aisuru Botnet and Dutch Police Seize Bulletproof Host ServersThis week, the root cause of the Cloudflare outage, active exploitation of Fortinet flaws, Logitech disclosed a data breach, Microsoft headed off a record-breaking botnet attack, Dutch police seized bulletproof hosting servers and Princeton University disclosed a data breach after a phishing attack.

Burger slinger gets a McRibbing, reacts by firing staffer who helped A white-hat hacker has discovered a series of critical flaws in McDonald's staff and partner portals that allowed anyone to order free food online, get admin rights to the burger slinger's marketing materials, and could allow an attacker to get a corporate email account with which to conduct a little filet-o-phishing.…

PLUS: Crooks target hardware crypto wallets; Bad flaws in Brother printers; ,O365 allows takeover-free phishing; and more Infosec in Brief Despite warnings not to pay ransomware operators, almost half of those infected by the malware send cash to the crooks who planted it, according to infosec software slinger Sophos.…

Loading more headlines...