Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 8 most recent headlines Filtered view

Social engineering: 'low-cost, hard to patch, and scales well' North Korean criminals set on stealing Apple users' credentials and cryptocurrency are using a combination of social engineering and a fake Zoom software update to trick people into manually running malware on their own computers, according to Microsoft.…

Here's where you ought to spend your security billable hours budget this year Strengthen your MFA policies, double-down on anti-phishing training, and for Jobs' sake, patch all your vulns right away. The past year of intelligence collected by Cisco's Talos threat hunters suggests that attackers are moving faster to exploit vulns, and fooling more staff than ever into giving up their credentials. …

Patch meant to close a severe expression bug fails to stop attackers with workflow access Multiple newly disclosed bugs in the popular workflow automation tool n8n could allow attackers to hijack servers, steal credentials, and quietly disrupt AI-driven business processes.…

Putin's pals use 'GooseEgg' malware to launch attacks you can defeat with patches or deletion Russian spies are exploiting a years-old Windows print spooler vulnerability and using a custom tool called GooseEgg to elevate privileges and steal credentials across compromised networks, according to Microsoft Threat Intelligence.…

Infecting networks via years-old CVEs that should have been patched by now Crooks are exploiting years-old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet, according to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA).…

Let's take a quick dive into Windows API Microsoft in March fixed an interesting security hole in Outlook that was exploited by miscreants to leak victims' Windows credentials. This week the IT giant fixed that fix as part of its monthly Patch Tuesday update.…