Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

14 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 14 most recent headlines Filtered view

A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon has patched it

Bank Info Security 4 months, 3 weeks ago

Marquis Sues SonicWall Over 2025 Firewall Data Breach

Lawsuit Claims SonicWall Cloud Backup Flaw Led to Ransomware Attack Against MarquisMarquis Software Solutions has sued SonicWall alleging a cloud backup data breach exposed firewall configuration files, including credentials and multifactor authentication scratch codes. The firm says the breach enabled an August 2025 ransomware attack and triggered dozens of class action lawsuits.

We discovered Azure Storage Account credentials exposed in Axis Communications’ Autodesk Revit plugin, allowing unauthorized modification of cloud-hosted files. This exposure, combined with vulnerabilities in Autodesk Revit, could enable supply-chain attacks targeting end users.

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS)

Cybersecurity researchers have demonstrated an "end-to-end privilege escalation chain" in Amazon Elastic Container Service (ECS) that could be exploited by an attacker to conduct lateral movement, access sensitive data, and seize control of the cloud environment

Cisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that, if successfully exploited, could allow unauthenticated actors to carry out malicious actions on susceptible systems

Consider patching soon because cybercrooks love to hit vulnerable tools from Broadcom's virtualization giant Broadcom has fixed five flaws, collectively deemed "high severity," in VMware's IT operations and log management tools within Cloud Foundation, including two information disclosure bugs that could lead to credential leakage under certain conditions.…

The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a "new experimental campaign" designed to breach cloud environments