Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

20 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines Filtered view

Crims 'creating a snowball effect' across open source projects RSAC 2026 Thousands of organizations' cloud environments have been infected with secret-stealing malware as a result of the Trivy supply-chain attack last week, and now the crims that compromised the open source scanners are working with notorious extortion crews like Lapsus$.…

Researchers said the threat group behind the campaign is associated with ShinyHunters, an outfit that’s previously stolen data from Salesforce instances for extortion attempts. The post Salesforce issues new security alert tied to third customer attack spree in six months appeared first on CyberScoop.

The Hacker News 4 months, 3 weeks ago

Expert Recommends: Prepare for PQC Right Now

Introduction: Steal It Today, Break It in a Decade Digital evolution is unstoppable, and though the pace may vary, things tend to fall into place sooner rather than later. That, of course, applies to adversaries as well. The rise of ransomware and cyber extortion generated funding for a complex and highly professional criminal ecosystem. The era of the cloud brought general availability of

Cameron Wagenius Suspected of Extorting Snowflake Customers Over Stolen DataA serving member of the U.S. Army has been arrested on a two-count indictment tied to the theft and sale of "confidential phone records," reportedly tied to the theft of terabytes of data from AT&T, Verizon and other customers of cloud data warehousing platform Snowflake.

If you needed yet another reminder of what happens when security basics go awry Updated It's a good news day for organizations that don't leave their AWS environment files publicly exposed because infosec experts say those that do may be caught up in an extensive and sophisticated extortion campaign.…

The Hacker News 2 years, 9 months ago

LUCR-3: Scattered Spider Getting SaaS-y in the Cloud

LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing Intellectual Property (IP) for extortion. LUCR-3 targets Fortune 2000 companies across various sectors, including but not limited to Software, Retail, Hospitality,