Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

28 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 28 Filtered view

2 More Vulnerabilities Need Patching in React Server Components, Warns VercelMass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.

Bank Info Security 11 months, 3 weeks ago

US Infrastructure Remains Vulnerable 15 Years After Stuxnet

Experts Say Critical Infrastructure Sectors Have Made Little Cybersecurity ProgressPanelists told the House subcommittee on cybersecurity and infrastructure protection that U.S. critical infrastructure sectors have made few cyber improvements over the last 15 years despite fears of retaliation following digital and physical attacks on Iranian nuclear sites.

An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017

Bank Info Security 1 year, 4 months ago

Breach Roundup: US Sanctions Iran-Based Nemesis Admin

Also, BianLian Ransomware Hackers Aren't Really Mailing YouThis week, the U.S. sanctioned the Nemesis admin, Poco RAT spotted in Latin America, Apple challenged a British order to weaken encryption and the FBI warned against scam letters purportedly from BianLian. Also, a Nigerian tax scammer extradited to the U.S., a new botnet and a Webex vulnerability.

Bank Info Security 1 year, 5 months ago

Nation State Groups Exploit Gemini AI App

Google Says Iranian and Chinese Threat Group the Most ActiveIranian and Chinese threat actors are using Google's artificial intelligence application Gemini for vulnerability scanning and reconnaissance activities, with some attempting to bypass security guardrails of the application, the computing giant disclosed.

The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region

The government-backed crew also enjoys ransomware as a side hustle Iranian government-backed cybercriminals have been hacking into US and foreign networks as recently as this month to steal sensitive data and deploy ransomware, and they're breaking in via vulnerable VPN and firewall devices from Check Point, Citrix, Palo Alto Networks and other manufacturers, according to Uncle Sam.…

State-backed hacking groups have breached a U.S. aeronautical organization using exploits targeting critical Zoho ManageEngine and Fortinet vulnerabilities, a joint advisory published by CISA, the FBI, and the United States Cyber Command (USCYBERCOM) revealed on Thursday. [...]

Loading more headlines...