Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

33 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 33 Filtered view
Krebs on Security 3 months ago

Patch Tuesday, April 2026 Edition

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution.

US agencies told to patch by Friday Attackers are exploiting a critical SolarWinds Web Help Desk bug - less than a week after the vendor disclosed and fixed the 9.8-rated flaw. That's according to America's lead cyber-defense agency, which set a Friday deadline for federal agencies to patch the security flaw.…

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider's own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk

Office workers without AI experience warned to watch for prompt injection attacks - good luck with that Anthropic's tendency to wave off prompt-injection risks is rearing its head in the company's new Cowork productivity AI, which suffers from a Files API exfiltration attack chain first disclosed last October and acknowledged but not fixed by Anthropic.…

Expired security cert, real Brussels agenda, plus PlugX malware finish the job Cyber spies linked to the Chinese government exploited a Windows shortcut vulnerability disclosed in March – but that Microsoft hasn't fixed yet – to target European diplomats in an effort to steal defense and national security details.…

Bank Info Security 1 year, 2 months ago

Silence is Golden for Breach Prevention, Not Reporting

Not Just Ransomware But Verbal Disclosure of Personal Data Common, Watchdog FindsTwo decades after California Senate Bill 1386 introduced the world to data breach notifications, organizations have collectively battened down their cybersecurity hatches and fixed the problem once and for all. Of course, I'm joking, with the results of recent data breach root cause report in hand.

Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could have allowed a malicious actor to access container images and even inject malicious code

Consider patching soon because cybercrooks love to hit vulnerable tools from Broadcom's virtualization giant Broadcom has fixed five flaws, collectively deemed "high severity," in VMware's IT operations and log management tools within Cloud Foundation, including two information disclosure bugs that could lead to credential leakage under certain conditions.…

Loading more headlines...