Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

22 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 22 Filtered view
Bank Info Security 4 days, 21 hours ago

Jscrambler npm Breach Exposes Developers to Malware

Malware Harvested Cloud Credentials, Source Code and Deployment TokensAttackers used a compromised npm publishing credential to release five malicious versions of Jscrambler's Code Integrity package, deploying a Rust-based infostealer that harvested developer, cloud and AI tool credentials while evolving its delivery methods to evade detection.

Bank Info Security 1 month, 2 weeks ago

23andMe Failed to Stop Months-Long Hack, State Alleges

Calif. Lawsuit: Genetics Testing Firm Missed Red Flags Before Massive 2023 BreachHackers in 2023 went undetected for five months in genetics testing firm 23andMe's IT systems, despite multiple unheeded warning signs, alleges California's attorney general in a lawsuit. Hackers in late April 2023 began accessing 23andMe's systems by using compromised credentials.

Bank Info Security 1 month, 2 weeks ago

Connecticut Medicaid Portal Hack Affects Thousands

Attackers Attempted to Reroute Hospital Medicaid ReimbursementsA hack on a Connecticut Medicaid web portal involving compromised credentials of a healthcare provider has affected the payment account and other information for about 22,500 patients. The data theft is the latest breach involving a healthcare related web portal hack. Why does this keep happening?

Bank Info Security 2 months, 4 weeks ago

Vercel Traces Customer Data Theft to Agentic AI Tool Breach

Attacker First Compromised AI Tool Used by Vercel Employee, Platform Provider FindsCloud platform provider Vercel said an attacker breached its systems and stole customer data after compromising a third-party agentic artificial intelligence tool used by an employee, called Context.ai, and stealing from it credentials and OAuth tokens tied to multiple services and customers.

Bank Info Security 3 months, 2 weeks ago

Mercor Breach Linked to LiteLLM Supply-Chain Attack

AI Dependency Attack Reportedly Exposes Data and Source CodeA LiteLLM supply-chain compromise enabled attackers to harvest credentials and access internal environments at scale at Mercor. The firm was the first to confirm a LiteLLM breach, and researchers are warning about growing AI system exposure and limited visibility.

Bank Info Security 4 months, 3 weeks ago

Marquis Sues SonicWall Over 2025 Firewall Data Breach

Lawsuit Claims SonicWall Cloud Backup Flaw Led to Ransomware Attack Against MarquisMarquis Software Solutions has sued SonicWall alleging a cloud backup data breach exposed firewall configuration files, including credentials and multifactor authentication scratch codes. The firm says the breach enabled an August 2025 ransomware attack and triggered dozens of class action lawsuits.

Bank Info Security 10 months, 2 weeks ago

Hackers Grab $130M Using Brazil's Real-Time Payment System

HSBC and Another Firm Hit After Service Provider Breached; Some Funds RecoveredAttackers on Friday used valid credentials for financial technology provider Sinqia to steal $130 million from two financial services firms in Brazil, using the country's real-time payment system Pix. The Brazilian Central Bank moved quickly to freeze the funds and has recovered some of the money.

Bank Info Security 11 months, 1 week ago

On the Rise: Ransomware Victims, Breaches, Infostealers

Researchers See 'Acceleration' in Existing Threats, Ongoing Criminal SuccessCybercrime so far this year can be summarized as featuring "more of everything," with researchers tracking increases in the number of ransomware and data breach victims, credentials stolen by infostealers, and new vulnerability disclosures with exploits coming to light.

Experts Debunk Legitimacy of Data Sets With 16 Billion Credentials Being CirculatedNews broke this week that a "colossal" set of data comprising 16 billion stolen login credentials has been circulating on the cybercrime underground, making it "the largest data breach in history." Don't believe the hype: experts say the numbers simply don't add up, and see little if any risk.

Bank Info Security 1 year, 1 month ago

Salt Typhoon Believed to Be Behind Commvault Data Breach

CISA Advisory Says Threat Actors Stole App Secrets in Azure-Hosted Backup PlatformA suspected Chinese state hacking group linked to last year’s telecom intrusions breached Commvault’s Microsoft Azure environment, exposing sensitive Microsoft 365 credentials and reigniting fears over U.S. cloud infrastructure vulnerabilities and default security settings.

Bank Info Security 1 year, 2 months ago

Breach Roundup: SAP NetWeaver Flaw Draws Hackers

Also, DOGE Employee’s Credentials Found in Infostealer DumpsThis week, SAP NetWeaver flaw drew hackers, zero-days in Ivanti EPMM, DOGE employee’s credentials found in infostealer dumps and Nucor halted operations. North Korean hackers targeted South Koreans with fake conference invites, Russian hackers targeted webmail servers and Microsoft fixed 72 flaws.

Bank Info Security 1 year, 2 months ago

Iranian Hackers Breach Middle East Infrastructure

Fortinet Uncovers Long-Term Cyberespionage in RegionAn Iranian state-sponsored threat group conducted a years-long cyberespionage campaign targeting a Middle East critical infrastructure provider, with its operational technology network a key target. The attackers focused reconnaissance activity and credential theft on the OT network.

Bank Info Security 1 year, 3 months ago

Top Australian Pension Funds Breached in Coordinated Hacks

Hackers Use Credential Stuffing to Steal AU$500,000, Breach 20,000 Member AccountsAustralia's largest pension funds faced coordinated credential attacks last week that compromised thousands of user accounts and led to the theft of at least AU$500,000 from four superannuation accounts. The affected funds included AustralianSuper, Rest and Australian Retirement Trust.

Also: The US Supreme Court; Polyfill; BEC Compromise for Frozen ChickenThis week, cyber insurance policies fell short, the Supreme Court rejected efforts to fight disinformation, Polyfill apparently was hijacked, cybercriminals stole chicken, Levi warned of a credential stuffing attack, hackers targeted Android devices, and a lab in South Africa was hit by ransomware.

Bank Info Security 2 years, 1 month ago

Privacy Regulators Probe Impact of 23andMe's Mega-Breach

6.9 Million Individuals' Genetic Details Stolen via 2023 Credential-Stuffing AttackPrivacy regulators in the U.K. and Canada have launched a joint investigation into 23andMe following the direct-to-consumer genetic testing service suffering a massive data breach in October 2023 that led to the theft of 6.9 million individuals' ancestry details.

Bank Info Security 2 years, 1 month ago

Breach Roundup: Google AI Blunders Go Viral

Also: Okta Alert on Credential Stuffing; Data Breaches in SpainThis week, Google AI search provided wrong answers, Internet Archive suffered DDos attack, Okta warned of credential stuffing, Canada shut down two tech firms, attackers delivered malware with Stack Overflow, Telefónica is probing breach, Iberdrola was breached and RansomHub said it hit Christie's.

Bank Info Security 2 years, 2 months ago

Breach Roundup: REvil Hacker Gets Nearly 14-Year Sentence

Also: Another Ivanti Zero-Day? And FBI Calls for Strengthening DMARC PoliciesThis week, REvil hacker sentenced; ZDI saw possible Ivanti-zero-day; FBI said to strengthen DMARC policies; Okta saw surge in credential stuffing attacks; French hospital refused to pay ransom; JPMorgan, debt collection agency and healthcare company were breached; and ex-NSA employee was sentenced.

Bank Info Security 2 years, 3 months ago

Sisense Breach Highlights Rise in Major Supply Chain Attacks

Experts Warn of Growing Threat From Supply Chain Attacks After High-Profile BreachCybersecurity experts are sounding the alarm over a rise in supply chain attacks targeting the interconnected systems of global corporate giants after the top U.S. cyber agency urged Sisense customers to reset their credentials following an apparent hack.

Loading more headlines...