Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

14 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 14 most recent headlines Filtered view

The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related tool from Italian information technology and services provider Memento Labs, according to new findings from Kaspersky

Bank Info Security 1 year, 10 months ago

Breach Roundup: YubiKey 5 Is Vulnerable to Cloning

Also: US Fingers Russian GRU Hackers; Ohio City Sues ResearcherThis week, YubiKey 5 has a flaw, an Ohio city sued a researcher, the Irish regulator ended its GrokAI case, open-source AI tools exposed data, Starlink blocked X in Brazil, FCC banned Kaspersky, Intel addressed a researcher's claim, and Transport of London is still affected by a cyber incident.

Kaspersky Unveils 24 Flaws in ZKTeco TerminalsA promise of better security through biometrics fell short after security researchers dismantled an access system manufactured by a Chinese manufacture, only to discover 24 vulnerabilities contained inside. ZKTeco specializes in hybrid biometric verification technology.

Bank Info Security 2 years, 2 months ago

Microsoft Patches Zero-Day Exploited by QakBot

Kaspersky Says It Spotted QakBot Operators Exploiting the Flaw in AprilMicrosoft issued a patch Tuesday for a Windows zero-day vulnerability that security researchers say operators of the QakBot botnet and other hackers actively exploited. The elevation of privilege vulnerability flaw is rated "important" on the CVSS scale.

Two rounds of reports and patches may not have completely closed this hole BLACK HAT ASIA Researchers at US/Israeli infosec outfit SafeBreach last Friday discussed flaws in Microsoft and Kaspersky security products that can potentially allow the remote deletion of files. And, they asserted, the hole could remain exploitable – even after both vendors claim to have patched the problem.…