Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

44 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 44 Filtered view

Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall (NGFW) appliances as entry points to breach victim networks.  The activity involves the exploitation of recently disclosed security vulnerabilities or weak credentials to extract configuration files containing service account credentials and network topology

Cybercrime Group First Listed Ohio Health System as a Data Theft Victim Last JuneOhio-based Kettering Health is notifying current and former patients and "affiliates" that their personal, health and financial information was potentially compromised in a May 2025 ransomware attack and data theft incident claimed by cybercriminal gang Interlock.

Bank Info Security 5 months, 2 weeks ago

Data Breaches in America Hit All-Time Record High in 2025

Identity Theft Resource Center Catalogs 3,322 Known US Incidents in 2025The number of U.S. organizations that reported falling victim to a data breach in 2025 reached an all-time high, while the number of notifications they sent to affected consumers fell sharply, reports the Identity Theft Resource Center's latest annual breach roundup.

Bank Info Security 5 months, 2 weeks ago

'AI-Powered' Services Firm Says Hack Affects 3.1M

Reported Victim Tally in HCIactive's Health Data Theft Incident SoarsThe victim count in a 2025 hack against a Maryland-based firm that provides "AI-powered" administrative and technology services to healthcare practices soared to nearly 3.1 million nationwide, according to an updated breach report from Healthcare Interactive.

Bank Info Security 7 months, 1 week ago

Ransomware Victim Warning: The Streisand Effect May Apply

Analysis of Seized LockBit Data Suggests Victims Who Pay Enjoy More Media CoverageBad news for any organization that's ever paid a ransom in a bid to avoid their breach coming to light, or for a promise from attackers to delete stolen data, with a study of seized LockBit data finding that victims who paid a ransom were more likely to see the attack get detailed in the media.

Inotiv Tells SEC 'It's Still Evaluating Full Impact and Notifying Breach Victims'Drug research firm Inotiv in a filing with federal regulators said it is still evaluating the financial and operational impact of an August cyberattack that's linked to ransomware gang Qilin. The company is also notifying nearly 10,000 people whose data was allegedly stolen in the incident.

Breach Notification Service Details Peer-to-Peer Lending Marketplace Victim CountHackers appear to have stolen personal information pertaining to more than 17 million individuals from peer-to-peer lending marketplace Prosper, including Social Security numbers, contact information and some income and financial details, says the Have I Been Pwned breach notification service.

Criminals Behind Salesloft Breach Continue to Target Salesforce-Using CustomersCustomer relationship management software giant Salesforce has directly notified customers that it won't be complying with ransom demands issued by the data-stealing crime group ShinyHunters, which continues to pressure Salesforce-using customers who fell victim to the Salesloft breach.

Bank Info Security 10 months, 2 weeks ago

Salesloft Drift Attacks Exposed Zscaler Customer Data

'Widespread Data Theft Campaign' Compromised Many Drift OAuth Tokens, Warn ExpertsThreat researchers report that "a widespread data theft campaign" traces to attackers stealing OAuth access tokens for applications integrated with Salesloft's AI chatbot Drift, then exfiltrating data. Victims include Salesforce customer Zscaler. Google Workspace instances were also breached.

CRM Breach May Be Tied to Ongoing Scattered Spider and ShinyHunters CampaignCloud software giant Workday said its customer relationship management software has been breached and customer data stolen. The alert comes as attackers continue to pose as employees to trick help desks into giving them direct access to a victim's Salesforce CRM instance.

Bank Info Security 11 months, 1 week ago

Insurance Firm Notifies 156K Victims - 1 Year After the Hack

What Makes Timely and Accurate Breach Reporting So Difficult for Some Organizations?An Illinois-based brokerage firm that works with employers, businesses and consumers to obtain various types of insurance coverage is notifying nearly 156,000 people that their protected health information was compromised in a data theft hack that occurred more than a year ago. Why the delay?

Bank Info Security 11 months, 1 week ago

On the Rise: Ransomware Victims, Breaches, Infostealers

Researchers See 'Acceleration' in Existing Threats, Ongoing Criminal SuccessCybercrime so far this year can be summarized as featuring "more of everything," with researchers tracking increases in the number of ransomware and data breach victims, credentials stolen by infostealers, and new vulnerability disclosures with exploits coming to light.

Most Compromises Trace to Financial Services, Healthcare, Professional ServicesData breaches rage on. In the first half of this year, the Identity Theft Resource Center counted 1,732 total data breaches affecting 166 million people, marking a rise in data breaches but a decline in victims, likely due to a drop in mega-breaches.

Bank Info Security 1 year, 2 months ago

Kelly Benefits Notifying Nearly 264,000 of Data Theft Hack

Breach Victim Tally Soars Since Firm Filed an Initial Breach Report in Early AprilKelly Benefits is notifying nine large clients and nearly 264,000 individuals that their sensitive personal information was potentially compromised in a December data theft incident. The tally of affected people has climbed eight-fold since the company’s first estimate earlier this month.

244M purloined passwords added to Have I Been Pwned thanks to govt tip-off A tip-off from a government agency has resulted in 284 million unique email addresses and plenty of passwords snarfed by credential-stealing malware being added to privacy-breach-notification service Have I Been Pwned (HIBP).…

Loading more headlines...