Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

42 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 42 Filtered view

Threat Actor Silently Forwarded Sensitive Emails Matching Strategic TopicsGoogle says Chinese espionage group UNC6508 compromised REDCap environments at North American research institutions, deployed custom malware, stole credentials and covertly forwarded strategically relevant emails through abused compliance rules to support long-term intelligence collection.

Bank Info Security 1 month, 3 weeks ago

New Telecom Espionage Campaign Tied to China

Researchers Trace Linux and Windows Toolsets to Suspected PRC Espionage ActivityNewly discovered malware tied to China-linked actors breached telecom providers across Asia and the Middle East, highlighting growing efforts to gain persistent access into interconnected communications infrastructure.

Bank Info Security 2 months, 2 weeks ago

Breach Roundup: US Cyber Command Flags Election Threats

Also, HexDex Arrest, Black Axe Crackdown, LeRobot RCE FlawThis week, election threats resurfaced. A prolific hacker arrested. Black Axe network disrupted. China-linked disinformation targets Tibet. Exploited ScreenConnect and Windows flaws raise alarms. Minecraft gamers hit with stealer malware. A critical AI framework bug enables remote code execution.

Bank Info Security 2 months, 3 weeks ago

Unwary Chinese Hackers Hardcoded Credentials into Backdoors

Eset Researchers Discover Trove of Go-Based MalwareResearchers uncovered a Chinese-linked cyberespionage group after attackers left command and control credentials embedded in malware, exposing internal operations, testing environments and thousands of messages tied to campaigns targeting a Mongolia government agency.

Researchers Tie UAT-9244 Intrusion to Famous Sparrow and Tropic TrooperA China-linked cyberespionage group has been targeting telecommunications providers in South America since 2024 using a set of newly discovered malware tools designed to maintain persistent access to critical communications infrastructure, Cisco Talos researchers found.

China, Iran, North Korea Hackers Exploit Gemini Across Attack Life CycleState-backed hackers weaponized Google's artificial intelligence model Gemini to accelerate cyberattacks, using the productivity tool as an offensive asset for reconnaissance, social engineering and malware development. Google said it has disabled accounts and strengthened defenses.

Bank Info Security 6 months, 2 weeks ago

Breach Roundup: Clop Tied to Korean Air Vendor Breach

Also: China-Linked APT Hijack Updates, Condé Nast Data Leaked, La Poste HitThis week, a Clop-linked vendor breach hit Korean Air, a China-linked APT hijacked software updates, a critical zero-day flaw remained unpatched, Condé Nast faced a data leak, La Poste was disrupted and Korean police extradited a malware operation suspect.

Ink Dragon Compromised IIS Networks to Relay ShadowPad MalwareA Chinese hacking group is using compromised European government networks as relay nodes to route commands and support other hacking operations. Security firm Check Point attributed the campaign to a Chinese espionage group it tracks as "Ink Dragon."

2 More Vulnerabilities Need Patching in React Server Components, Warns VercelMass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.

Bank Info Security 7 months, 1 week ago

Brickstorm Malware Hits US Critical Systems, CISA Warns

Chinese-Linked Malware Campaign Targets Critical Environments With Weak MonitoringU.S. and Canadian cyber authorities say Chinese state-backed actors used a backdoor dubbed BRICKSTORM to maintain long-term access into critical infrastructure, exploiting VMware environments to exfiltrate credentials and evade detection through encrypted covert channels.

Bank Info Security 7 months, 3 weeks ago

Chinese APT24 Deploys Custom Malware, New Stealthy Tactics

3-Year Espionage Campaign Targeted Taiwanese FirmsChinese nation-state group APT24 targeted multiple Taiwanese companies as part of an espionage operation that went undetected for three years. The hacking group continually updated its malware infrastructure and tactics, enabling it to stay under the radar, Google Cloud said.

Bank Info Security 9 months, 3 weeks ago

Chinese Hackers Deploy New PlugX Variant

Sophisticated Cyberespionage Campaign Targets Asian Telecom, Manufacturing SectorsA remote access Trojan that's a staple of Chinese nation-state hacking is part of an ongoing campaign targeting telecom and manufacturing sectors in Central and South Asian countries. The threat actor, tracked as Naikon, apparently has access to a new variant of PlugX malware.

Bank Info Security 9 months, 3 weeks ago

Mandiant: Chinese Espionage Tool Embedded in US Systems

Researchers Uncover Covert Chinese Access to US Service Provider InfrastructureMandiant said it has tracked a Chinese-linked espionage campaign using BRICKSTORM malware to quietly embed within U.S. infrastructure and service providers for over a year, exploiting appliance-level blind spots to maintain persistence, evade detection and potentially develop zero-day exploits.

Bank Info Security 10 months, 1 week ago

Hackers Promote Gambling Websites With SEO Poisoning

GhostRedirector Compromising Windows Servers in Brazil, Thailand and VietnamA suspected Chinese cybercrime group is deploying custom malware to compromise Windows servers in Brazil, Thailand, Portugal and Vietnam as part of search engine optimization fraud to promote gambling websites.

Bank Info Security 11 months, 1 week ago

Five-Year-Old D-Link Bugs Under Active Exploitation

CISA Lists Flaws as Actively ExploitedHackers are actively exploiting years-old flaws in obsolete Wi-Fi cameras and video recorders made by D-Link, warn U.S. cybersecurity authorities. Possibly Chinese hackers have used one of the flaws to implant HiatusRAT malware. "Attackers don’t care if a vulnerability is new or old."

Bank Info Security 11 months, 1 week ago

Five-Year-Old D-Link Bugs See Active Exploitation

CISA Lists Flaws as Actively ExploitedHackers are actively exploiting years-old flaws in obsolete Wi-Fi cameras and video recorders made by D-Link, warn U.S. cybersecurity authorities. Possibly Chinese hackers have used one of the flaws to implant HiatusRAT malware. "Attackers don’t care if a vulnerability is new or old."

Bank Info Security 1 year, 1 month ago

OpenAI's ChatGPT a Hit With Nation-State Hackers

Malicious Accounts Linked to Malware, Influence OperationsOpenAI is using its artificial intelligence models to detect and counter abuse and has banned accounts associated with malicious state-linked operations. Hackers aligned with Russia, China, North Korea and Iran have used OpenAI's tools for malware development and social media manipulation.

Bank Info Security 1 year, 1 month ago

SentinelOne Sees No Breach After Hardware Supplier Hacked

Intrusion Involved ShadowPad Malware, Wielded in Attacks Tied to Chinese APT GroupsCybersecurity firm SentinelOne said suspected Chinese attackers, wielding ShadowPad backdoor malware, infiltrated a logistics firm that it used for supplying hardware to its employees, but that the intrusion doesn't appear to have resulted in any infiltration of its own, corporate network.

Bank Info Security 1 year, 2 months ago

Hackers Hijack NFC for Instant Payment Fraud

Attack Combines Social Engineering and Card Emulation to Execute Real-Time TheftHackers are using Chinese-speaking Android malware-as-a-service SuperCard X to carry out near-field communication relay attacks, siphoning payment card data and executing live point of sale and ATM transactions. Victims receive spoofed SMS or WhatsApp alerts purporting to originate from their bank.

Bank Info Security 1 year, 3 months ago

Chinese Hackers Deploy Stealthy Fileless VShell RAT

Malware Hides in Memory, Evades Detection by Endpoint ToolsA Chinese state-backed hacking group tracked as UNC5174 relaunched its operations after a year of silence with a campaign using a memory-only remote access Trojan that evades traditional detection mechanisms, according to new research from cybersecurity firm Sysdig.

Loading more headlines...