Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

116 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 116 Filtered view

Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices' web management interfaces, the CERT Coordination Center (CERT/CC) warned Monday

Bank Info Security 1 month, 2 weeks ago

China Using LinkedIn to Recruit Government Insiders

Five Eyes Agencies Document 5-Step Chinese Job Platform Spy SchemeThe Five Eyes intelligence agencies issued a rare joint bulletin warning that Chinese military intelligence is using LinkedIn, Indeed, and Upwork to recruit government and military insiders. The operation targets clearance holders, military personnel, academics and journalists.

New Report Warns China Could Reach Frontier AI Near-Parity by 2028Anthropic warned that weak chip export controls, model distillation and expanded Chinese access to advanced compute infrastructure could erode Washington’s frontier AI advantage and accelerate Beijing’s push toward near-parity in advanced AI systems.

AI, Robotics Leaders Warn Chinese Robots Could Disrupt Sensitive OperationsWitnesses told a U.S. House Homeland Security panel that Chinese-developed AI robotics platforms could give Beijing new avenues for surveillance, disruption and physical harm across critical sectors, and urged restrictions on federal use as China expands its industrial dominance.

Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads

Bank Info Security 6 months, 1 week ago

Cyber Retaliation Risks Rise After US-Venezuela Operation

CISA Warns of Retaliatory Cyber Action From Hostile State Actors After VenezuelaFederal cybersecurity officials are warning of a likely uptick in retaliatory cyber activity from China and Russia-linked threat actors after the U.S. military raid in Venezuela, urging infrastructure operators to brace for disruptive probing and attacks.

Bank Info Security 6 months, 3 weeks ago

US Must Go on Offense in Cyberspace, Report Warns

Report: China, Russia Exploiting US Cyber Policy Gaps to Gain Strategic AdvantageA new McCrary Institute report urges Washington to adopt a more offensive cyber strategy, warning that the current reactive approach leaves the U.S. unable to counter China and Russia’s persistent campaigns to gain asymmetric leverage in cyberspace.

Cisco has alerted users of a maximum-severity zero-day flaw in Cisco AsyncOS software that has been actively exploited by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686 in attacks targeting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager

2 More Vulnerabilities Need Patching in React Server Components, Warns VercelMass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.

Validated, Weaponized Exploit Code for Widely Used Web Framework Bug Now PublicWarnings continue to mount over a critical vulnerability in the widely used web application framework React, with threat intelligence analysts warning that it's being actively targeted by Chinese nation-state groups, and that a legitimate, weaponized proof-of-concept exploit is now public.

State-backed attackers started poking flaw as soon as it dropped – anyone still unpatched is on borrowed time Amazon has warned that China-nexus hacking crews began hammering the critical React "React2Shell" vulnerability within hours of disclosure, turning a theoretical CVSS-10 hole into a live-fire incident almost immediately.…

Bank Info Security 7 months, 1 week ago

Brickstorm Malware Hits US Critical Systems, CISA Warns

Chinese-Linked Malware Campaign Targets Critical Environments With Weak MonitoringU.S. and Canadian cyber authorities say Chinese state-backed actors used a backdoor dubbed BRICKSTORM to maintain long-term access into critical infrastructure, exploiting VMware environments to exfiltrate credentials and evade detection through encrypted covert channels.

Loading more headlines...