Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

170 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 170 Filtered view
Bank Info Security 4 days, 16 hours ago

Jscrambler npm Breach Exposes Developers to Malware

Malware Harvested Cloud Credentials, Source Code and Deployment TokensAttackers used a compromised npm publishing credential to release five malicious versions of Jscrambler's Code Integrity package, deploying a Rust-based infostealer that harvested developer, cloud and AI tool credentials while evolving its delivery methods to evade detection.

Researchers Urge Organizations to Rotate Credentials and Review Audit LogsThreat actor 888 claims it stole Accenture source code and cloud credentials, prompting researchers to warn that any exposed Azure tokens, encryption keys or DevOps secrets could enable follow-on intrusions and downstream supply-chain attacks even as Accenture says operations remain unaffected.

FBI says TeamPCP poisoned trusted developer tools to steal cloud credentials, spread malware through software updates, and extort victims. On July 2, 2026, the FBI published a FLASH alert identifying the criminal group called TeamPCP and detailing how it compromised widely used developer and security tools to steal credentials from victim environments at scale. The […]

A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon has patched it

The Miasma worm compromised 73 Microsoft GitHub repos, spreading via AI coding tools and stealing cloud credentials from developers and CI/CD systems. A self-replicating worm called Miasma has compromised 73 Microsoft GitHub repositories and forced GitHub staff to disable them. The affected repos include core Azure infrastructure like azure-functions-host and the entire Durable Task family […]

A large-scale npm supply chain attack compromised over 90 versions of @redhat-cloud-services packages, silently infecting CI/CD environments and developer systems. The malicious code steals credentials from GitHub, cloud platforms, and local machines, then spreads like a worm by republishing trusted packages. Discover how the attack works, what data is at risk, and the steps you can take to protect your organization. The post Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign appeared first on Microsoft Security Blog.

An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible Marimo network using a recently disclosed vulnerability

Microsoft Security Research 1 month, 2 weeks ago

Typosquatted npm packages used to steal cloud and CI/CD secrets

The Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. This report details the attack chain, detection opportunities, and mitigation guidance to help organizations identify and disrupt related activity. The post Typosquatted npm packages used to steal cloud and CI/CD secrets appeared first on Microsoft Security Blog.

19.6 Billion files are exposed in misconfigured cloud buckets, including 685K credential files and nearly 1M database dumps. There’s a comfortable myth most people carry around: that the data they hand to companies is locked somewhere safe. Researchers at Mysterium VPN just ran the numbers, and the numbers disagree. Across 535,480 publicly listable cloud storage […]

The Hacker News 1 month, 3 weeks ago

When Identity is the Attack Path

Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything or violated a policy. Yet that single key, which was easily accessible to a minor-league attacker, could have opened a path to some 98% of entities in the company's cloud

Microsoft Security Research 1 month, 4 weeks ago

How Storm-2949 turned a compromised identity into a cloud-wide breach

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft without using malware. This incident shows how threat actors can exploit trusted systems to operate undetected. The post How Storm-2949 turned a compromised identity into a cloud-wide breach appeared first on Microsoft Security Blog.

Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns hit npm, PyPI, and Docker Hub in a 48-hour window, and all three targeted secrets from developer environments and CI/CD pipelines, including API keys, cloud credentials, SSH keys, and tokens. This is

Loading more headlines...