Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

52 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 52 Filtered view
Bank Info Security 1 week, 2 days ago

Hidden Backdoor Found in Tenda Router Firmware

Unauthenticated Flaw Allows Full Router, Network TakeoverA hidden backdoor, disclosed by CERT/CC and found in multiple firmware versions made by Chinese manufacturer Tenda, bypasses authentication and could grant attackers administrative access. Researchers are reporting exploitation and an Nmap script is making vulnerable devices easier to identify.

Bank Info Security 1 week, 2 days ago

Hidden Backdoor in Tenda Router Firmware

Unauthenticated Flaw Allows Full Router, Network TakeoverA hidden backdoor, disclosed by CERT/CC and found in multiple firmware versions made by Chinese manufacturer Tenda, bypasses authentication and could grant attackers administrative access. Researchers are reporting exploitation and an Nmap script is making vulnerable devices easier to identify.

Experts Say White House Export Ban Risks Adoption Boost for China's AI AlternativesNew export controls on artificial intelligence startup Anthropic's Fable 5 and Mythos large language models, over their vulnerability-discovery capabilities, must be lifted, not least because Chinese models will soon offer equal capabilities, cybersecurity experts warned the Trump administration.

Bank Info Security 2 months, 1 week ago

Anthropic Sounds Cyber Alarm Amid Financial AI Push

Mythos Found ‘Tens of Thousands’ of Unpatched Flaws With Months to Fix ThemAnthropic CEO Dario Amodei warned that Claude Mythos has found tens of thousands of unpatched software vulnerabilities, with a six-to-12 month window before Chinese AI models catch up. The disclosure came alongside a major financial services push including an investor-backed firm and 10 new AI agents.

Bank Info Security 5 months, 1 week ago

Norway Says Salt Typhoon Hackers Hit Vulnerable Systems

Security Service Says China-Linked Actor Compromised Vulnerable Network DevicesNorway's security service confirmed it was targeted by the China-linked Salt Typhoon campaign, marking one of Europe’s clearest public acknowledgements that the cyberespionage operation extended beyond U.S. telecom and federal networks into allied infrastructure.

Bank Info Security 5 months, 2 weeks ago

Compromise of Notepad++ Equals Software Supply Chain Fallout

Hacked Infrastructure Delivered Chinese Nation-State Group's Backdoor, Experts WarnThe widely used, open source text-editing software Notepad++ for Windows said attackers exploited a vulnerability to redirect some users to sites that pushed a backdoor onto their system. Security experts have tied the attack to a broader campaign perpetrated by Chinese nation-state actors.

Bank Info Security 5 months, 3 weeks ago

Attacks Target Freshly Patched, Critical Fortinet Flaws

Chinese Attackers Among Those Tied to Attempted Exploits of FortiSIEM AppliancesCritical vulnerabilities in edge devices are continuing to be discovered by security researchers and rapidly targeted by attackers. Lately, this includes a critical vulnerability in Fortinet's FortiSIEM appliances, which Chinese and other hackers began targeting just two days post-patch.

2 More Vulnerabilities Need Patching in React Server Components, Warns VercelMass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.

Validated, Weaponized Exploit Code for Widely Used Web Framework Bug Now PublicWarnings continue to mount over a critical vulnerability in the widely used web application framework React, with threat intelligence analysts warning that it's being actively targeted by Chinese nation-state groups, and that a legitimate, weaponized proof-of-concept exploit is now public.

Bank Info Security 7 months, 2 weeks ago

US Telecoms Reject Regulation as Answer to Chinese Hacking

Industry Wants to Stick to Voluntary MeasuresU.S. telecommunications networks are still vulnerable to foreign intrusion, national security and industry panelists told senators during a Tuesday hearing, warning that China and other adversaries are refining long-term access into American infrastructure.

Bank Info Security 7 months, 3 weeks ago

Cisco Pledges More Security in Network Equipment

Company to Warn Customers, Disable Insecure Options by DefaultCisco says it will proactively alert network administrators when insecure configurations are detected and will eventually disable insecure features by default. The move comes after Chinese hackers exploited known vulnerabilities in Cisco equipment during major telecom breaches.

Also, North Korean Hackers Remotely Wipe Android DevicesThis week, the U.K. government probed Chinese electric buses for a kill switch, APT37 abused Google's Find Hub in South Korea, Conduent said its January hack will cost it more, Hyundai disclosed a breach and Patch Tuesday. OWASP added two new categories to its Top 10 web application vulnerabilities.

Bank Info Security 8 months, 1 week ago

Unpatched Windows Flaw a Boon for Nation-State Hackers

Chinese Hackers Target European Diplomats with LNK File FlawChinese nation-state hackers are exploiting a Windows vulnerability to hack European diplomatic outposts, say security researchers - but operating system giant Microsoft says the flaw doesn't merit a patch. Hackers used a flaw already compromised by North Korea and Russia.

Concerns Grow Over F5 Hacking Amid Stalled Government ShutdownFederal officials are scrambling to contain nation-state hackers exploiting stolen source code from networking devices and software maker F5 amid staffing pressures created by the ongoing government shutdown. Stolen files reportedly include undisclosed vulnerabilities F5 had been researching.

Bank Info Security 9 months, 1 week ago

Chinese-Linked Hackers Breach Top Political US Law Firm

Williams & Connolly Hit in Zero-Day Campaign Impacting Client EmailsA zero-day vulnerability was used to breach email accounts at the elite D.C. law firm Williams & Connolly, with officials reportedly suspecting the hack is part of a China-linked campaign targeting the U.S. legal sector to support espionage, steal intelligence and establish long-term access routes.

Bank Info Security 9 months, 3 weeks ago

Gains and Risks for Enterprises With DeepSeek V3.1

Splx Says Hardened Prompts Lower Hallucinations But Security Gaps PersistDeepSeek is touting its newest model as its entry into the "agent era" and performance benchmarks show a notable leap in capabilities. Security testing shows progress and persistent vulnerabilities in the Chinese company's upgraded V3.1 model. The raw model swore in response to testing prompts.

Bank Info Security 10 months, 2 weeks ago

Chinese Telecom Hackers Strike Worldwide

US and Allies Warn About Persistent and Long Term Access to Network EquipmentThe Chinese hackers responsible for breaking into telecom networks across the globe capitalize on already documented vulnerabilities, principally in Cisco routing equipment, warn a slew of national cybersecurity agencies. Hackers use publicly known vulnerabilities with CVE designations.

Bank Info Security 11 months, 1 week ago

Five-Year-Old D-Link Bugs Under Active Exploitation

CISA Lists Flaws as Actively ExploitedHackers are actively exploiting years-old flaws in obsolete Wi-Fi cameras and video recorders made by D-Link, warn U.S. cybersecurity authorities. Possibly Chinese hackers have used one of the flaws to implant HiatusRAT malware. "Attackers don’t care if a vulnerability is new or old."

Bank Info Security 11 months, 1 week ago

Five-Year-Old D-Link Bugs See Active Exploitation

CISA Lists Flaws as Actively ExploitedHackers are actively exploiting years-old flaws in obsolete Wi-Fi cameras and video recorders made by D-Link, warn U.S. cybersecurity authorities. Possibly Chinese hackers have used one of the flaws to implant HiatusRAT malware. "Attackers don’t care if a vulnerability is new or old."

Bank Info Security 11 months, 2 weeks ago

SharePoint Zero-Days Exploited to Unleash Warlock Ransomware

145 Organizations Compromised by China-Linked Ransomware Hackers and OthersNearly 150 different organizations' on-premises SharePoint servers have been exploited by attackers targeting the zero-day vulnerabilities now tracked as ToolShell, researchers warn. Early attacks have been attributed to China-linked groups, in some cases leading to Warlock ransomware infections.

Loading more headlines...