Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

15 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 15 most recent headlines Filtered view

When You Consume AI, You Inherit Every Upstream Risk You Can't SeeMost enterprises don't build AI, they consume it through APIs, open-source models and orchestration frameworks. Each layer inherits upstream risk with little visibility. This piece maps the four-layer AI supply chain and the existing security disciplines that bring it under control.

Security vulnerabilities were uncovered in the popular open-source artificial intelligence (AI) framework Chainlit that could allow attackers to steal sensitive data, which may allow for lateral movement within a susceptible organization

A multi-layered security framework protecting large-model applications from adversarial threats, data leakage, API abuse, and content risks Partner Content At MWC Shanghai 2025, ZTE has officially launched its ZXCSec MAF product, a dedicated application-layer security protection device specifically designed for large model services.…

High-Severity Flaw in LangChain's AI Tooling Hub Now PatchedA flaw in the LangSmith platform, an open-source framework that helps developers build LLM-powered applications, can enable hackers to siphon sensitive data, said Noma Security. Dubbed AgentSmith, the flaw can allow attackers to embed malicious proxy configurations into public AI agents.

The Hacker News 1 year, 5 months ago

Do We Really Need The OWASP NHI Top 10?

The Open Web Application Security Project has recently introduced a new Top 10 project - the Non-Human Identity (NHI) Top 10. For years, OWASP has provided security professionals and developers with essential guidance and actionable frameworks through its Top 10 projects, including the widely used API and Web Application security lists.  Non-human identity security represents an emerging

Bank Info Security 1 year, 10 months ago

ColorTokens Strengthens Zero Trust With PureID Acquisition

PureID Passwordless Authentication Tool Will Boost ColorTokens MicrosegmentationColorTokens purchased PureID, expanding its zero trust framework with identity-based segmentation for cloud and hybrid environments. The acquisition focuses on securing cloud applications, microservices and APIs through advanced identity-based authentication.