Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

20 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines Filtered view

Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow threat actors to steal local files and execute code remotely

Program Director Mike Eftimakis on How to Fix 70% of Memory Safety IssuesA U.K. government-backed, hardware-based security initiative is tackling one of the biggest cybersecurity challenges - memory safety - and hopes to address about 70% of existing vulnerabilities, said Mike Eftimakis, founding director of Capability Hardware Enhanced RISC Instructions Alliance.

Bank Info Security 1 year, 3 months ago

Canon Printer Flaw Enables Remote Code Execution

Critical Vulnerability in Drivers Affects Multiple Canon PrintersThe office printer could mete out more than ordinary frustration now that researchers discovered a vulnerability in drivers for Canon printer enabling attackers to execute arbitrary code. The flaw is an out-of-bounds vulnerability in Enhanced Metafile Recode processing.

Firm Focuses on Runtime Context, AI Enhancements to Counter Evolving Cloud ThreatsWith $100 million in Series A funding, Upwind plans to strengthen its runtime and AI-powered cloud security platform. CEO Amiram Shachar outlines the company’s investments in engineering, customer engagement and scaling solutions to address vulnerabilities like misconfigurations and insecure APIs.

Bank Info Security 1 year, 7 months ago

Google AI Tool Finds 26 Bugs in Open-Source Projects

One Vulnerability Had Been Undiscovered for Two Decades, Researchers SaidGoogle researchers used an AI-powered fuzzing tool to identify 26 vulnerabilities in open-source code repositories, some of which had been lurking undiscovered for several decades. Each was found with AI, using AI-generated and enhanced fuzz targets, Google said.

Google has revealed that its AI-powered fuzzing tool, OSS-Fuzz, has been used to help identify 26 vulnerabilities in various open-source code repositories, including a medium-severity flaw in the OpenSSL cryptographic library

Snyk Boosts API Security with Enhanced Dynamic App Security Testing CapabilitiesBy buying DAST provider Probely, Snyk bolsters its platform with advanced API security testing for early SDLC stages. This acquisition aims to help developers identify and reduce vulnerabilities in AI-driven and API-heavy applications. Full integration into Snyk's platform is slated for early 2025.

Trend Micro Research, News and Perspectives 3 years, 11 months ago

Transport Layer Security (TLS): Issues & Protocol

Although Transport layer security (TLS) provides enhanced security, cybercriminals have become increasingly savvy, finding ways to circumvent many of these protections. Learn how malicious actors exploit vulnerabilities within TLS to introduce new forms of malware.