Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

28 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 28 Filtered view

24 Billion Records Left Open Online: Passwords, Emails, and Everything Else Exposed database with 24 Billion records revealed stolen credentials from infostealers, Telegram channels, and breach collections, risking account takeovers. Cybernews researchers found an exposed Elasticsearch cluster on June 12th containing 24 billion records and more than 8.3 terabytes of data. They triple-checked the numbers. […]

Pro-Iran group Handala breached Cal Water via an exposed GPS tool, reaching billing data for 2M customers. 5GB leaked. On June 11, 2026, the Iran-linked threat group Handala posted a claim on its blog that it had compromised California Water Service, known as Cal Water, and published a 5GB proof-of-concept data dump to back it […]

Bank Info Security 2 months, 2 weeks ago

Home Security Firm ADT Breach: 5.5M Customers' Data Exposed

Prolific ShinyHunters Extortion Group Made 'Pay or Leak' Threat to VictimHome security giant ADT has suffered a data breach that appears to have exposed personally identifiable information tied to 5.5 million customers. Prolific extortionist group ShinyHunters claimed credit for the attack, saying it stole Salesforce data after socially engineering an ADT employee.

Also, Eurail Breach, ChipSoft Hospital Disruptions, W3LL Phishing TakedownThis week, a "Raccoon"-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda scams, major data leaks hit healthcare and China, ransomware and phishing ops surged, and multiple breaches impacted firms and hospitals.

Not every cloud breach starts with malware or a zero-day. In this incident, attackers discovered an exposed Spring Boot Actuator endpoint, harvested credentials from leaked configuration data, then used the OAuth2 Resource Owner Password Credentials (ROPC) flow to authenticate without MFA.

Bank Info Security 6 months, 3 weeks ago

Breach Roundup: Spotify Metadata Dumped Online

Also: SudamericaData Leak, RaccoonO365 Arrest and Nefilim Conspirator Pleads GuiltyThis week: Spotify metadata scraped, Nissan disclosed third-party breach, millions of Argentines exposed to data leak, African police arrested hundreds in a cybercrime sweep, Nigeria nabbed a phishing operator, the U.S. DOJ charged ATM jackpotting ring and Nefilim ransomware affiliate pleaded guilty.

Also, Internet-Exposed Call Center Software Under Attack and Patch TuesdayThis week: Chinese hackers exploited ArcGIS, Internet-exposed call center software under attack, October patch Tuesday, Massachusetts student sentenced for $3 million extortion hack, New York fined eight insurers $14.2M over data breaches, more than 100 VS Code extensions leak secrets.

Bank Info Security 11 months, 1 week ago

Breach Roundup: Chinese Duo Held for Illegal AI Chip Exports

Also: Ukrainian Hackers Find Evidence of Russian Child AbductionThis week, a Chinese duo arrested in Los Angeles for illegal artificial intelligence chip exports back to China, France extradited an accused Nigerian hacker, Ukraine hacked Crimean servers, Florida prison email leak, Tea App clone exposed users’ IDs.

Bank Info Security 1 year, 3 months ago

UK Fines Law Firm 60,000 Pounds for Ransomware Data Breach

Firm Failed to Close Outdated User Account, Waited 43 Days to Notify RegulatorsThe U.K. Information Commissioner's Office imposed a fine of 60,000 pounds against Liverpool-based law firm DDP Law for GDPR violations relating to a 2022 ransomware hack and data leak that exposed sensitive information including the details of its clients' cases.

Bank Info Security 1 year, 5 months ago

Breach Roundup: DeepSeek Leaked Sensitive Data

Also: Infostealer Malware Compromises Mexican Government ComputersThis week, DeepSeek exposed sensitive data, hackers exploited unpatched Zyxel flaws, infostealer malware on Mexican government computers, Smiths Group incident, PowerSchool breach notifications, an Apple zero-day, XWorm RAT backdoor, and Credit Control Corporation settled a lawsuit.

Bank Info Security 1 year, 7 months ago

Clearinghouse Pays $250K Settlement in Web Exposure Breach

Inmediata Health Group Has Paid $2.7M in Fines, Civil Claims for 2019 HIPAA BreachA breach that exposed the personal information of nearly 1.6 million patients of a Puerto Rico-based clearinghouse has led to a $250,000 financial settlement with federal regulations for multiple HIPAA violations. The 2019 leak has cost Inmediata Health $2.7 million in fines and civil settlements.

Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the basic level of security and encryption, and companies are often oblivious to the risk. A case in point: Disney suffered a devastating data leak by a hacktivist group known as NullBulge that got hold of over 1.2 terabytes of data from Disney's internal Slack messaging channels. The breach exposed

Loading more headlines...