Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 13 most recent headlines Filtered view
Bank Info Security 1 year, 9 months ago

North Korea Targets Software Supply Chain Via PyPI

Backdoored Python Packages Likely Work of 'Gleaming Pisces,' Says Palo AltoA North Korean hacking group with a history of a stealing cryptocurrency is likely behind a raft of poisoned Python packages targeting developers working on the Linux and macOS operating systems in an apparent attempt at a supply chain attack.

Bank Info Security 2 years, 2 months ago

Pyongyang Hackers Deploy Backdoors Via Fake Job Interviews

North Korean Prediliction for Elaborate Social Engineering Attacks Strikes AgainLikely North Korean threat actors are using fake job interviews to trick software developers into downloading disguised Python backdoors as part of an ongoing espionage campaign. Pyongyang hackers have a history of constructing elaborate social engineering ruses.

Three additional malicious Python packages have been discovered in the Package Index (PyPI) repository as part of an ongoing malicious software supply chain campaign called VMConnect, with signs pointing to the involvement of North Korean state-sponsored threat actors