Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 3 most recent headlines Filtered view

Microsoft-Owned GitHub, Which Runs npm, Previews Supply-Chain Security FixesThe popular Mastra AI framework, used to build artificial intelligence agents, workflows and retrieval-augmented generation pipelines, has been poisoned by attackers, and Microsoft-owned GitHub has advised all developers to downgrade Mastra, pending compromised packages being found and eradicated.

Bank Info Security 1 month, 3 weeks ago

GitHub Tells Self-Hosted Admins to Rotate Keys

Company Pushes Key Rotation After 3,800 Repositories CompromisedHacked code repository GitHub warned administrators of self-hosted git servers to rotate public encryption keys following a May 18 incident involving a poisoned VS Code extension used by an employee. GitHub CISO Alexis Wales in a Tuesday update said the repository is rotating all keys.

Over 23,000 Code Repositories at Risk After Malicious Code Added to GitHub ActionAttackers subverted a widely used tool for software development environment GitHub, potentially allowing them to steal secrets from thousands of private code repositories as well as compromise other, widely used "open source libraries, binaries and artifacts" that use the tool, experts warned.