Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

29 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 29 Filtered view

China’s UNC6508 hid in North American medical research networks for 2 years, stealing credentials and forwarding emails to Gmail Google’s Threat Intelligence Group published a report this week on UNC6508, a China-linked cyberespionage group that breached North American medical and military research organizations and stayed hidden for more than two years. The earliest confirmed intrusion […]

Microsoft Security Research 1 month, 2 weeks ago

Typosquatted npm packages used to steal cloud and CI/CD secrets

The Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. This report details the attack chain, detection opportunities, and mitigation guidance to help organizations identify and disrupt related activity. The post Typosquatted npm packages used to steal cloud and CI/CD secrets appeared first on Microsoft Security Blog.

CTM360 reports 4,000+ malicious Google Groups and 3,500+ Google-hosted URLs used to spread the Lumma Stealer infostealing malware and a trojanized "Ninja Browser." The report details how attackers abuse trusted Google services to steal credentials and maintain persistence across Windows and Linux systems. [...]

Bank Info Security 2 years, 2 months ago

New Report Exposes Iranian Hacking Group's Media Masquerade

Mandiant Says APT42 Members Have Been Posing as Journalists to Steal Troves of DataMembers of the Iranian state hacking group APT42 have been observed posing as journalists from credible news outlets and well-known research institutions as part of a global effort to harvest credentials and hack into victim cloud networks, according to a Mandiant report published Wednesday.

Bank Info Security 2 years, 8 months ago

Info Stealers Thrive in Hot Market for Stolen Data

Browser Data, Crypto Wallets and Chat Apps Are Also Top Targets, Researchers ReportInfo-stealer malware built for stealing lucrative, sensitive data - including cryptocurrency wallet and remote access credentials - continues to remain popular for criminally inclined individuals. Researchers reports that RedLine, LokiBot, Mars and Aurora remain attackers' top info-stealer choices.

The Hacker News 2 years, 11 months ago

What's the State of Credential theft in 2023?

At a little overt halfway through 2023, credential theft is still a major thorn in the side of IT teams. The heart of the problem is the value of data to cybercriminals and the evolution of the techniques they use to get hold of it. The 2023 Verizon Data Breach Investigations Report (DBIR) revealed that 83% of breaches involved external actors, with almost all attacks being financially motivated

Loading more headlines...