Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

38 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 38 Filtered view

FortiBleed: Admin Passwords for 75,000 Fortinet Firewalls Are Out in the Wild. Half the Internet-Facing Fortinets on the Planet. Security researcher Bob Diachenko found a server sitting open on the internet containing what appeared to be valid Fortinet VPN credentials, including usernames, email addresses, and plaintext passwords for tens of thousands of organizations. He posted […]

A flaw in Meta’s AI-powered Instagram recovery tool exposed over 20,000 accounts, letting attackers reset passwords and take over profiles. Meta’s High Touch Support tool, known as HTS, was designed to help Instagram users recover locked accounts: you provide an email address, you get a password reset link. The flaw was equally simple: the tool […]

Attackers exploited Meta’s AI support chatbot to reset Instagram passwords and hijack accounts without accessing victims’ email inboxes. Attackers abused Meta’s AI-powered support chatbot to reset Instagram passwords and hijack accounts without accessing victims’ email inboxes. The issue affected several users, including high-profile accounts, before Instagram fixed the flaw. Security researcher Jane Wong and other […]

Wanna know a secret? Whether you're logging into your bank, health insurance, or even your email, most services today do not live by passwords alone. Now commonplace, multifactor authentication (MFA) requires users to enter a second or third proof of identity. However, not all forms of MFA are created equal, and the one-time passwords orgs send to your phone have holes so big you could drive a truck through them.…

Bank Info Security 10 months, 2 weeks ago

Navy Federal Credit Union Backup Exposed Online

Researcher: Internal Data Belonging to World’s Largest Lender Exposed on AWSNavy Federal, the world’s largest credit union, left hundreds of gigabytes of internal backup files exposed on Amazon’s cloud storage service, says cybersecurity researcher Jeremiah Fowler. Exposed data included email addresses, hashed passwords and what appeared to be internal system data.

244M purloined passwords added to Have I Been Pwned thanks to govt tip-off A tip-off from a government agency has resulted in 284 million unique email addresses and plenty of passwords snarfed by credential-stealing malware being added to privacy-breach-notification service Have I Been Pwned (HIBP).…

Bank Info Security 1 year, 4 months ago

Breach Notification Service Tackles Infostealing Malware

'Have I Been Pwned' Flags Emails Found in Infostealer Malware Logs It ObtainsHow bad has the information stealing malware problem become? Here's a metric: The free breach-notification service Have I Been Pwned found a single infostealer service provided "284 million unique email addresses alongside the websites they were entered into and the passwords used."

Bank Info Security 1 year, 9 months ago

Internet Archive Data Breach Exposes 31 Million Accounts

Nonprofit Digital Archive Also Suffers Denial-of-Service Attacks, DefacementThe nonprofit Internet Archive has been hit by hackers, who stole usernames and for 31 million accounts, including email addresses and bcrypt-hashed passwords. In recent days, the digital archive has also suffered defacement and repeat denial-of-service attacks.

Loading more headlines...