Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 17 most recent headlines Filtered view

TuxBot v3, an AI-built IoT botnet for 17 architectures, shipped with LLM bugs and safety disclaimers the developer never removed. Palo Alto Networks’ Unit 42 identified a previously undocumented modular IoT botnet framework called TuxBot v3 Evolution, and it comes with an unusual detail: the developer used a large language model to write significant portions […]

Cybersecurity researchers have disclosed details of a previously unreported Internet-of-Things (IoT) botnet framework dubbed TuxBot v3 Evolution that shows signs of being developed with assistance from a large language model (LLM), albeit with not so successful results

A study by the University of Toronto shows how artificial intelligence can power autonomous worms capable of tailoring attacks against Windows, Linux and IoT devices. A group of researchers from the University of Toronto has demonstrated how open-source artificial intelligence models can be used to create a new category of computer worms capable of autonomously […]

Bank Info Security 1 month, 4 weeks ago

New CEO Joe Diamond Pushes Axonius Beyond Asset Management

Axonius Wants Enterprises to Spot Assets and Automate Remediation From One PlatformNew Axonius CEO Joe Diamond said the New York-based company is evolving from asset management to asset intelligence by combining visibility, contextual correlation and automated remediation across IT, IoT, OT and emerging AI agent environments. Diamond takes over from founding CEO Dean Sysman.

Krebs on Security 8 months, 2 weeks ago

Aisuru Botnet Shifts from DDoS to Residential Proxies

Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of Things (IoT) devices to proxy services that help cybercriminals anonymize their traffic. Experts says a glut of proxies from Aisuru and other sources is fueling large-scale data harvesting efforts tied to various artificial intelligence (AI) projects, helping content scrapers evade detection by routing their traffic through residential connections that appear to be regular Internet users.

Bank Info Security 10 months, 1 week ago

Mitsubishi Electric to Buy Nozomi in $883M OT Security Deal

Purchase Expands AI-Powered Cyber Defense for Operational, Critical InfrastructureMitsubishi Electric is acquiring San Francisco-based Nozomi Networks to enhance protection for OT and IoT systems. The move accelerates cyber innovation and supports customers through AI-driven insights, cloud-native tools, and strong industry collaboration.

What do a source code editor, a smart billboard, and a web server have in common? They’ve all become launchpads for attacks—because cybercriminals are rethinking what counts as “infrastructure.” Instead of chasing high-value targets directly, threat actors are now quietly taking over the overlooked: outdated software, unpatched IoT devices, and open-source packages. It's not just clever—it’s

Trend Micro Research, News and Perspectives 1 year, 7 months ago

Gafgyt Malware Targeting Docker Remote API Servers

Our researchers identified threat actors exploiting misconfigured Docker servers to spread the Gafgyt malware. This threat traditionally targets IoT devices; this new tactic signals a change in its behavior.

Bank Info Security 1 year, 7 months ago

NIST IoT Device Security Framework to Get an Update

Revised Framework to Address Emerging IoT Risks and TechnologiesThe U.S. National Institute of Standards and Technology plans to revise its Internet of Things cybersecurity framework to address evolving risks posed by emerging technologies and use cases, such as AI and immersive tech. The proposed updates will broaden the focus to entire product ecosystems.

Bank Info Security 2 years, 4 months ago

Breach Roundup: US FCC Authorizes IoT Cybersecurity Label

Also: Catching Up With Spain's Most Dangerous HackerThis week, the FCC OK'd cybersecurity labeling, DarkGate exploited Google, Fortinet patched a bug, cyberattacks hit the French government and employment agencies, Google restricted Gemini AI chatbot and paid bug bounties, Microsoft had Patch Tuesday, Marine Max was attacked, and Alcasec moved on.

Bank Info Security 2 years, 5 months ago

ISMG Editors: Emerging AI Tech for Cloud Security in 2024

Payments Expert Troy Leach Joins the Panel to Cover AI, Zero Trust and IoT SecurityIn the latest weekly update, Troy Leach, CSO at Cloud Security Alliance, joins three editors at ISMG to discuss important cybersecurity issues, including how generative AI is enhancing multi-cloud security, AI's influence on authentication processes, and the state of zero trust and IoT security.

Staff able to watch customers in the bathroom? Tick! Obviously shabby infosec? Tick! Training AI as an excuse for data retention? Tick! America's Federal Trade Commission has made Amazon a case study for every cautionary tale about how sloppily designed internet-of-things devices and associated services represent a risk to privacy – and made the cost of those actions, as alleged, a mere $30.8 million.…