Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 5 most recent headlines Filtered view

Microsoft-Owned GitHub, Which Runs npm, Previews Supply-Chain Security FixesThe popular Mastra AI framework, used to build artificial intelligence agents, workflows and retrieval-augmented generation pipelines, has been poisoned by attackers, and Microsoft-owned GitHub has advised all developers to downgrade Mastra, pending compromised packages being found and eradicated.

Bank Info Security 1 month, 4 weeks ago

GitHub Hacked, Internal Repositories Offered for Sale

A Single Developer Downloaded a Poisoned VS Code Extension, and Now LookGitHub warned late Tuesday that hackers stole roughly 3,800 internal repositories from the Microsoft-owned platform after a developer used a poisoned VS Code script, which is developed by Microsoft. TeamPCP and Lapsus$ appear to be cooperating to sell the stolen data for $95,000.

CEO Satya Nadella Highlights DeepSeek-R1 Model, AI Cost Reductions, Future GrowthMicrosoft CEO Satya Nadella said AI scaling laws, compounded by Moore’s Law, are accelerating efficiency gains, with a 10x improvement per model generation. He revealed Microsoft’s strategy for optimizing AI costs and highlights DeepSeek-R1’s availability on Azure AI Foundry and GitHub.

Bank Info Security 1 year, 8 months ago

Breach Roundup: Reserachers Showcase 'FortiJumpHigher'

Also: Honeypot 'Jinn Ransomware,' Patch Tuesday and At Risk SectorsThis week, Researchers say Fortinet didn't fully patch FortiJump, "Jinn Ransomware" was a set up, Microsoft Patch Tuesday and a Moody's warning over at-risk sectors. Also, a debt servicing firm breach, a DemandScience breach and a malicious tool targetint GitHub users.

Bank Info Security 2 years, 2 months ago

Microsoft Releases New-Open Source Tool for OT Security

ICSpector Is Now on GitHub, Scans PLCs, Extracts Info and Detects Malicious CodeMicrosoft has released a new open-source security tool to close gaps in threat analysis for industrial control systems and help address increased nation-state attacks on critical infrastructure. ICSpector, available on GitHub, can scan PLCs, extract information and detect malicious code.