Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

12 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 12 most recent headlines Filtered view

UPGRADE and DigiSeals Programs at ARPA-H Remain Fully FundedA U.S. federal grant effort to develop autonomous medical device patching platforms for hospitals evaded the budget-cutting knife of the Trump administration. Program boosters hope to automate cyber defenses so that hospitals of any size can more quickly patch vulnerabilities.

Bank Info Security 8 months, 3 weeks ago

Russia's Coldriver Revamps Malware to Evade Detection

Russian Intel Hackers Flexible in Face of DetectionRussia-linked threat group COLDRIVER rapidly replaced its exposed malware with a stealthier PowerShell variant, using fake CAPTCHA prompts and cryptographic key-splitting to evade detection and escalate surveillance on NGOs, dissidents and policy experts, according to new research.

Bank Info Security 9 months, 3 weeks ago

Mandiant: Chinese Espionage Tool Embedded in US Systems

Researchers Uncover Covert Chinese Access to US Service Provider InfrastructureMandiant said it has tracked a Chinese-linked espionage campaign using BRICKSTORM malware to quietly embed within U.S. infrastructure and service providers for over a year, exploiting appliance-level blind spots to maintain persistence, evade detection and potentially develop zero-day exploits.

Bank Info Security 10 months, 1 week ago

'The Gentlemen' Ransomware Targets Asia Pacific

Trend Micro Researchers Uncover New Ransomware StrainA newly identified ransomware group is targeting victims across the Asia Pacific region using custom-built evasion capabilities that could pose a "significant threat" to organizations, warn researchers at security firm Trend Micro. The Gentlemen deploys customized methods tailored to each target.

Bank Info Security 11 months, 1 week ago

Candiru Spyware Infrastructure Uncovered

Inskit Researchers Uncover Clusters in Hungary, Saudi ArabiaSecurity researchers uncovered a previously unseen malware cluster associated with Israeli spyware maker Candiru. The company may have rebranded itself to evade sanctions to continue its operations. It continues to operate despite its inclusion in 2021 onto an exports blacklist by the United States.

Bank Info Security 1 year, 2 months ago

Fileless PowerShell Loader Deploys Remcos RAT

Attack Chain Uses LNK Files, MSHTA and Memory InjectionPowerShell is becoming hackers' new favorite tool since they can load code directly into computer memory and evade traditional file-based detection methods, warn security researchers. A combination of LNK-MSHTA-PowerShell offers a stealthy and effective path to execution.

New Research Uncovers Tokenizer Blind Spots in Leading LLMsSubtle obfuscation techniques can systematically evade the guardrails that today's large language models rely on. Researchers from Mindgard team found that adversaries can "smuggle" malicious payloads past tokenizers using emojis, zero-width spaces and homoglyphs.

Bank Info Security 1 year, 3 months ago

Malicious Android Apps Evade Detection: McAfee

Cybersecurity Firm Finds Rash of Apps Coded With Microsoft .NET MAUICybercriminals are using a Microsoft cross-platform app development framework to create Android malware that bypasses security measures, evades detection and steals user data. Malicious apps spotted by McAfee researchers aren't traditional Android malware.

Bank Info Security 1 year, 4 months ago

DeepSeek-R1 Can Almost Generate Malware

DeepSeek Comes Very Close to Producing a Keylogger and RansomwareSecurity researchers used the Chinese DeepSeek-R1 artificial intelligence reasoning model to come close to developing ransomware variants and keyloggers with evasion capabilities. The model needs prompt engineering and its output requires code editing.

Campaign Uses Updated Version of the Malware Plugin, Kaspersky SaysHackers are deploying an updated strain of EagerBee malware to target internet service providers and government organizations in the Middle East, warn security researchers. EagerBee operates in memory and comes with advanced stealth and security evasion capabilities.

Chinese Threat Actor 'Velvet Ant' Evaded Detection for Years in Victim NetworkA Chinese threat actor used state-sponsored techniques to carry out a cyberespionage campaign targeting a major organization's networks after exploiting legacy technology to gain multiple footholds across the enterprise infrastructure, researchers said in a Monday blog post.

Bank Info Security 2 years, 6 months ago

NIST Warns of Cyberthreats to AI Models

Data-Poisoning Attacks Are Critical Threat to Machine Learning Security, NIST WarnsMachine learning systems continue are vulnerable to cyberattacks that could allow hackers to evade security and prompt data leaks, scientists at the National Institute of Standards and Technology warned. There is "no foolproof defense" against some of these attacks, researchers said.