Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

64 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 64 Filtered view

The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency that delivers a trojan capable of targeting Windows, macOS, and Linux systems

A new wave of GoBruteforcer attacks has targeted databases of cryptocurrency and blockchain projects to co-opt them into a botnet that's capable of brute-forcing user passwords for services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux servers

React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of previously undocumented malware families, according to new findings from Huntress

Threat actors with ties to North Korea have likely become the latest to exploit the recently disclosed critical security React2Shell flaw in React Server Components (RSC) to deliver a previously undocumented remote access trojan dubbed EtherRAT

Bank Info Security 1 year, 1 month ago

PumaBot Malware Targets Linux IoT Devices

Stealthy Malware Installs Cryptomining SoftwareA botnet targeting Internet of Things devices works by brute forcing credentials and downloading cryptomining software. Researchers call the botnet "PumaBot," since its malware checks for the string "Pumatronix," the name of a Brazilian manufacturer of surveillance and traffic camera systems.

The North Korea-linked Lazarus Group has been linked to an active campaign that leverages fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver malware capable of infecting Windows, macOS, and Linux operating systems

Bank Info Security 1 year, 9 months ago

North Korea Targets Software Supply Chain Via PyPI

Backdoored Python Packages Likely Work of 'Gleaming Pisces,' Says Palo AltoA North Korean hacking group with a history of a stealing cryptocurrency is likely behind a raft of poisoned Python packages targeting developers working on the Linux and macOS operating systems in an apparent attempt at a supply chain attack.

Nastyware seeks creds, mines crypto, and plants ransomware that isnt deployed - for now? An unknown attacker is exploiting weak passwords to break into Oracle WebLogic servers and deploy an emerging Linux malware called Hadooken, according to researchers from cloud security outfit Aqua.…

Loading more headlines...