Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

29 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 29 Filtered view

The Miasma worm compromised 73 Microsoft GitHub repos, spreading via AI coding tools and stealing cloud credentials from developers and CI/CD systems. A self-replicating worm called Miasma has compromised 73 Microsoft GitHub repositories and forced GitHub staff to disable them. The affected repos include core Azure infrastructure like azure-functions-host and the entire Durable Task family […]

Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets by threat actors. Learn how exploitable misconfigurations lead to RCE and data leaks. The post When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps appeared first on Microsoft Security Blog.

Bank Info Security 2 months, 2 weeks ago

OpenAI Trades Azure Exclusivity for Enterprise Reach

Renegotiated Pact With Microsoft Clears OpenAI Path to Enterprise CloudsOpenAI has launched its models and tools on Amazon Web Services, one day after revising its agreement with Microsoft to end years of cloud exclusivity, a move likely driven by competitive pressure from Anthropic's hold on enterprise AWS customers.

Bank Info Security 7 months, 1 week ago

AI's Closed Loops Are Tightening - Can Startups Thrive?

Closed AI Loops Are Concentrating Power - and Creating Room for StartupsMicrosoft, Nvidia and Anthropic just formed the latest closed-loop artificial intelligence partnership, tying cloud, hardware and models into a single circuit. While it signals consolidation at the top, founders say it's also creating a surprising tailwind for domain-focused AI startups.

Bank Info Security 10 months, 1 week ago

ISMG Editors: The Pentagon, Microsoft and Chinese Workers

Also: Software Supply Chain Risks, Cato's AI Security BuyIn this week's update, four ISMG editors discussed the Pentagon's review of Microsoft's use of Chinese nationals on U.S. military cloud systems, renewed concerns over software supply chain risks and Cato Networks' first-ever acquisition to boost AI security.

Bank Info Security 10 months, 2 weeks ago

Microsoft Backs Sola's $35M Push Into Autonomous AI Security

Series A Fuels Deeper AI, Expanded Integrations and Product-Led Growth AdoptionBacked by S32 and Microsoft, Sola Security secured $35 million to advance its autonomous AI engine. The Israeli startup aims to shift from reactive prompts to proactive agent-based systems that solve security tasks across SaaS, cloud and identity domains.

EVP Muhi Majzoub Outlines Integration of TDR, Generative AI Across Core PlatformsOpenText is embedding threat detection, identity protection and generative AI across its cloud and on premise platforms. EVP Muhi Majzoub says the threat detection and response system will integrate with Microsoft Defender, CrowdStrike and others to identify anomalies and stop attacks in real time.

Bank Info Security 1 year, 3 months ago

Breach Roundup: Port of Seattle Notifies 90,000 Victims

Also, Oracle Denies Cloud Breach, Blames Hack on Obsolete ServersThis week, Port of Seattle notified victims, Oracle blamed hack on obsolete servers, Google and Microsoft released April patches, WK Kellogg breached, six arrested in Spain for AI-investment scam, Scattered Spider's "King Bob" pleaded guilty, SmokeLoader users busted.

Bank Info Security 1 year, 4 months ago

Google Purchases Wiz in $32B Deal to Boost Cloud Security

Largest Cybersecurity Deal of All-Time Aims to Boost AI-Driven Multicloud SolutionsGoogle Cloud plans to acquire cloud security leader Wiz for $32 billion, integrating its AI-powered security capabilities to better protect companies across multiple cloud environments. The deal reinforces protections across multicloud environments, including AWS, Microsoft Azure, and Google Cloud.

Bank Info Security 1 year, 4 months ago

China's Silk Typhoon Tied to Cloud Service Provider Hacks

Microsoft Sees Cyberespionage Group Lifting API Keys and Credentials for CustomersA prolific cyberespionage group tied to Beijing appears to have increased its targeting of widely used IT tools and service providers. Microsoft said the group's tactics now include stealing API keys and credentials from providers to gain access to providers' downstream customers' infrastructure.

They're good at zero-day exploits, too Silk Typhoon, the Chinese government crew believed to be behind the December US Treasury intrusions, has been abusing stolen API keys and cloud credentials in ongoing attacks targeting IT companies and state and local government agencies since late 2024, according to Microsoft Threat Intelligence.…

Crew helped lowlifes generate X-rated celeb deepfakes using Redmond's OpenAI-powered cloud – claim Microsoft has named four of the ten people it is suing for allegedly snatching Azure cloud credentials and developing tools to bypass safety guardrails in its generative AI services – ultimately to generate deepfake smut videos of celebrities and others.…

Bank Info Security 1 year, 6 months ago

Why Cloud Identity Attacks Outpace On-Premises Risks

Blackpoint Cyber CEO Jon Murchison on MSP Cloud Identity RisksWith a 30-to-1 ratio of cloud to on-premises attacks, Blackpoint Cyber CEO Jon Murchison stresses the importance of enhanced identity detection and AI-driven solutions. He also outlines strategic moves for managed service providers to align with Microsoft’s ecosystem.

Loading more headlines...