Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

22 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 22 Filtered view

Researchers uncovered 222 GitHub repositories spreading malware through fake Go packages, delivering loaders, stealers, RATs, and cryptominers. Socket’s security research team started with the investigation of a single malicious Go module: github[.]com/kaleidora/dnsub-scanning-tool, which presented itself as a DNS and subdomain scanning utility. Pulling on that thread exposed something significantly larger: a network of 222 confirmed […]

RustDuck is a small, evolving DDoS botnet migrating to Rust. It uses advanced encryption, anti-analysis evasion, and exploits known IoT flaws. Since February 2026, researchers at QiAnXin’s XLab have been tracking a new malware family, called RustDuck, that hijacks routers, cameras, Android set-top boxes, and exposed servers, then uses them to flood targets with junk […]

Unpatched Flaw in Open-Source Gogs Service Facilitates Remote Code ExecutionAn attacker has been exploiting a zero-day vulnerability in Gogs, an open-source and popular Git service that allows for self-hosting, warned researchers. At least 700 internet-exposed servers running Gogs shows signs of being infected with command-and-control malware; no patch is yet available.

Bank Info Security 8 months, 3 weeks ago

Russia's Coldriver Revamps Malware to Evade Detection

Russian Intel Hackers Flexible in Face of DetectionRussia-linked threat group COLDRIVER rapidly replaced its exposed malware with a stealthier PowerShell variant, using fake CAPTCHA prompts and cryptographic key-splitting to evade detection and escalate surveillance on NGOs, dissidents and policy experts, according to new research.

Attacks on unprotected servers reach 'critical level' An unknown attacker is abusing exposed Docker Remote API servers to deploy perfctl cryptomining malware on victims' systems, according to Trend Micro researchers.…

Loading more headlines...