Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

195 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 195 Filtered view

Threat Actor Silently Forwarded Sensitive Emails Matching Strategic TopicsGoogle says Chinese espionage group UNC6508 compromised REDCap environments at North American research institutions, deployed custom malware, stole credentials and covertly forwarded strategically relevant emails through abused compliance rules to support long-term intelligence collection.

China’s UNC6508 hid in North American medical research networks for 2 years, stealing credentials and forwarding emails to Gmail Google’s Threat Intelligence Group published a report this week on UNC6508, a China-linked cyberespionage group that breached North American medical and military research organizations and stayed hidden for more than two years. The earliest confirmed intrusion […]

The revelation mirrors an alarming pattern of Chinese espionage groups dropping backdoors into critical infrastructure to intercept research and steal data with national security implications. The post Google exposes China espionage group that’s been lurking in networks undetected since 2023 appeared first on CyberScoop.

In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousands of phishing websites used to steal credit card data and passwords. [...]

Complaint Says Service Generated More Than 1.5 Million Malicious URLsGoogle has sued a Chinese phishing-as-a-service provider accused of teaching customers to use Gemini to generate and customize scam websites, a campaign linked to more than 1.59 million phishing URLs, over 100,000 victims, and widespread credential and financial theft.

Fraudsters Tokenize Stolen Cards Into Attacker WalletsGoogle Threat Intelligence Group warned that Chinese-language phishing-as-a-service platforms are using AI, encrypted messaging and real-time OTP interception to bypass multifactor authentication and provision stolen payment cards into attacker-controlled digital wallets worldwide.

All the Typhoons, everywhere, all at once A majority of China-linked threat actors are using compromised routers and IoT devices worldwide, turning this gear into proxy networks to carry out further intrusions, steal sensitive data, and disrupt victim organizations’ operations, according to a joint 10-country advisory.…

NCSC boss says China's whole-of-state cyber machine has become Britain's peer competitor in cyberspace State-sponsored cyberattacks from Chinese intelligence and military agencies display "an eye-watering level of sophistication," UK National Cyber Security Centre CEO Richard Horne is expected to say in a less-than-cheery opening speech to kick off its annual conference.…

Bank Info Security 4 months, 3 weeks ago

Anthropic Accuses China AI Firms of Model Mining

DeepSeek, MoonShot AI, MiniMax Used 24K Fake Accounts in CampaignAnthropic has accused three Chinese AI firms of running coordinated, large-scale operations to steal capabilities from its Claude models. The U.S.-based company said DeepSeek, Moonshot AI and MiniMax are conducting "industrial-scale campaigns" using tens of thousands of fraudulent accounts.

Meanwhile, IP-stealing 'distillation attacks' on the rise A Chinese government hacking group that has been sanctioned for targeting America's critical infrastructure used Google's AI chatbot, Gemini, to auto-analyze vulnerabilities and plan cyberattacks against US organizations, the company says.…

Loading more headlines...