Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 4 most recent headlines Filtered view
Bank Info Security 1 year, 4 months ago

Second GitHub Actions Supply Chain Attack Discovered

Malicious Code Injected in reviewdog Just Hours Before tj-actions BackdooredJust days after researchers discovered an attack that subverted a widely used tool for software development platform GitHub, they discovered a second, prior attack, as part of what one expert said may be "a chain of supply chain attacks eventually leading to a specific high-value target."

Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code