Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

7 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 7 most recent headlines Filtered view
Bank Info Security 1 month, 4 weeks ago

Patched OpenClaw Flaw Let Hackers Hijack AI Agents

Chainable Bugs Enable Credential Theft, Persistence, TakeoverFour chainable flaws in OpenClaw allowed attackers to move from an initial foothold to persistent system-level compromise by abusing the AI agent's own privileges. The bugs enabled credential theft, privilege escalation and backdoor deployment, affecting all versions released before April 23.

Bank Info Security 7 months, 1 week ago

Google Patches AI Flaw That Turned Gemini Into a Spy

Zero-Click Vulnerability Let Attackers Weaponize Enterprise AI AssistantGoogle patched a vulnerability in Gemini Enterprise that allowed attackers to steal corporate data through a shared document, calendar invitation or email without any user action or security alerts. No malware was executed, no credentials were phished and no data left through approved channels.

Hacking Group UNC6148 Steals Credentials With New OVERSTEP Rootkit, Google SaysA cybercrime group used a backdoor in a fully patched SonicWall appliance to steal credentials and may have sold the stolen data to ransomware groups as part of an ongoing campaign, Google Threat Intelligence Group found. The firm attributed the campaign to a cybercrime group it tracks as UNC6148.

Flaw Exposes Remote Privilege Escalation RiskCisco released urgent security updates to fix a critical vulnerability in Unified Communications Manager that could allow unauthenticated attackers gain root access to affected systems. The maximum-severity vulnerability allows unauthenticated remote attackers to log in using static credentials.

Bank Info Security 1 year, 8 months ago

CISA Warns of Active Attacks on Critical Palo Alto Exploit

CISA Adds Critical Palo Alto Flaw to Vulnerability Catalog After Attack DiscoveryThe Cybersecurity and Infrastructure Security agency warned Palo Alto Networks that a critical vulnerability the technology giant previously patched has been actively exploited since then, according to a new advisory, potentially exposing configuration secrets and credentials.

Bank Info Security 1 year, 9 months ago

Mass Retail Hacks Affect Adobe Commerce and Magento Stores

4,387 Online Merchants Compromised, Including Cisco and National Geographic StoresThousands of online stores running Adobe Commerce and Magento software have been hacked since the summer and infected with digital payment skimmers by attackers targeting a vulnerability known as CosmicSting. While patched by Adobe in June, users also need to forcibly invalidate stolen credentials.

Bank Info Security 2 years, 8 months ago

Google Says 4 Attack Campaigns Exploited Zimbra Zero-Day

Zimbra Patched the Cross-Site Scripting Vulnerability on July 25A zero-day flaw in the Zimbra Collaboration email server proved to be a bonanza for hackers as four distinct threat actors exploited the bug to steal email data and user credentials, says Google. Most of the exploit activity occurred after Zimbra had posted a hotfix on July 5.