Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 5 most recent headlines Filtered view

A new study of integrated development environments (IDEs) like Microsoft Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor has revealed weaknesses in how they handle the extension verification process, ultimately enabling attackers to execute malicious code on developer machines

Open-Source Models Hallucinate More Than Commercial Ones, Found StudyGenerative artificial intelligence assistants promise to streamline coding, but large language models' tendency to invent non-existent package names has led to a new supply chain hazard known as "slopsquatting," where attackers register phantom dependencies to slip malicious code into deployments.