Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 4 most recent headlines Filtered view

AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can’t easily see. These “invisible” non-human identities (NHIs) now outnumber human accounts in most cloud environments, and they have

The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents.  "On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to secure a cloud-based

JumpCloud, a US-based enterprise software firm is notifying several customers of an "ongoing incident." As a caution, the company has invalidated existing admin API keys to protect its customer organizations. Headquartered in Colorado, the cloud-based directory-as-a-service platform serves over 180,000 organizations across the world. [...]