Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

38 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 38 Filtered view

New macOS infostealer CrashStealer uses a signed app to bypass Gatekeeper, steals credentials and wallets, then AES-encrypts stolen data. Jamf Threat Labs first spotted CrashStealer in early May 2026 as a suspicious macOS sample uploaded to VirusTotal. By early July, in-the-wild detections confirmed the malware had moved from development into active deployment. The malware is […]

A new phishing-as-a-service (PhaaS) operation called Forg365 is using a combination of device code phishing, adversary-in-the-middle (AitM) tactics, antibot evasion, artificial intelligence (AI)-assisted lure creation, and post-compromise mailbox operations targeting Microsoft 365 accounts

OnyxC2 is a MaaS stealer targeting 210+ apps, using DLL sideloading, encrypted payloads, and remote access features to evade detection. OnyxC2 appeared on a cybercrime forum earlier this year and is sold as a subscription service: $250 per month for the standard build, $500 for the premium tier that includes HVNC, and $6,000 for an […]

OnyxC2 is a MaaS stealer targeting 210+ apps, using DLL sideloading, encrypted payloads, and remote access features to evade detection. OnyxC2 appeared on a cybercrime forum earlier this year and is sold as a subscription service: $250 per month for the standard build, $500 for the premium tier that includes HVNC, and $6,000 for an […]

Prolific Threat Actor Focused on Using Malware to Facilitate Cargo TheftCargo-stealing hackers have a new trick up their sleeve: using a third-party code-signing service makes their remote management and monitoring software installers appear to be legitimate. Who's providing this signing service isn't clear. It's probably distributed by word of mouth.

DeepLoad logs keystrokes, buries details behind reams of AI-generated code, and re-infect hosts days after being blocked, according to ReliaQuest.  The post Researchers say credential-stealing campaign used AI to build evasion ‘at every stage’ appeared first on CyberScoop.

Bank Info Security 9 months, 2 weeks ago

Bitcoin Fixer Convicted for Role in Money Laundering Scheme

$7 Billion Illicit Bitcoin Horde: Malaysian National Latest to Plead GuiltyA Malaysian national pleaded guilty Tuesday in an English courtroom to assisting an investment fraud scammer who converted stolen assets into a cryptocurrency treasure trove now worth $7.1 billion, including helping her to evade arrest by lining up assistants and Airbnb rentals in Scotland.

Also: Dismantling a 460 Million Euro Crypto Fraud NetworkThis week, a peek into Iran's largest crypto exchange blending privacy, scale and sanctions evasion, Europol and Spanish police dismantled a crypto fraud network, $9.5M Resupply hack, sentencing in a $40M ponzi scheme and a North Korean crypto theft and employment fraud ring.

Loading more headlines...