Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

16 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 16 most recent headlines Filtered view

Also, More ClickFix Attacks and Teen Booters Arrested in PolandThis week, Russian hackers targeted Signal and WhatsApp users, permit-fee phishing hit U.S. applicants, ClickFix on WordPress sites, Microsoft patched 80 bugs, a 14K-router botnet, Polish teens held over DDoS tools and Finland warned of Russian, Chinese espionage. North Korean IT workers for hire.

CISA Says Agencies Believed They Patched Cisco Flaws But Had NotThe U.S. cyber defense agency issued new patch guidance after discovering multiple federal agencies failed to properly secure Cisco firewalls, leaving federal networks exposed to exploitation by a suspected Chinese threat actor despite a prior emergency directive.

Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and patched in July 2025

Also, O Canada, Oh Brother and More Probable Chinese HackingThis week, ransomware kills, Salt Typhoon hit Canada, Russian backdoors, SAP and Citrix patches, China hackers in the oil and energy sector. Brother printers have an unfixable flaw. Ransomware hit a U.S. dairy cooperative. Hackers in Albania and Oxford. European lawmakers heard cybersecurity advice.

A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region

Telecoms Still Falling to Chinese Nation-State Hacking Group, Researchers WarnA Chinese cyber espionage group tracked as Salt Typhoon and tied to the mass hacking of telecommunications networks in the U.S. and dozens of other countries has been continuing to seek and hack unpatched equipment, including exploiting two long-patched vulnerabilities in Cisco gear.

Bank Info Security 1 year, 5 months ago

Patching Lags for Vulnerabilities Targeted by Salt Typhoon

Chinese Hackers Hitting Unpatched Products From Microsoft, Sophos, Fortinet, IvantiChinese nation-state hackers who surreptitiously gained "broad and full" access to telecommunications networks in the U.S. and dozens of other countries have regularly exploited known flaws in their networking gear that the victims failed to patch, security experts have warned.

Bank Info Security 1 year, 7 months ago

Mitel MiCollab VoIP Software: Zero-Day Vulnerability Alert

No Patch Yet Available for Second Zero Day to Be Recently Found in VoIP SoftwareSecurity researchers warn of a newly discovered zero-day vulnerability in widely used VoIP telephony software, a discovery that comes as the United States struggles to evict Chinese nation-state hackers from telecom networks. The software is the MiCollab software suite from Canada-based Mitel.

Bank Info Security 2 years, 3 months ago

Likely Chinese Hacking Contractor Is Quick to Exploit N-Days

UNC5174 Exploited F5 BIG-IP and ScreenConnect VulnerabilitiesA likely Chinese hacker-for-hire used high-profile vulnerabilities in a campaign targeting a slew of Southeast Asian and U.S. governmental and research organizations, says threat intel firm Mandiant. Rapid exploitation of newly patched flaws has become a hallmark of Chinese threat actors.

Bank Info Security 2 years, 4 months ago

Breach Roundup: White House Calls for Memory-Safe Languages

Also: Malware Campaign Hits GitHub, Affects Over 100,000 ReposThis week, the Biden administration urged software developers to adopt memory-safe programming languages and moved to restrict Chinese connected cars, a pharma giant was breached, researchers found malicious repos in GitHub, the Phobos RaaS group is targeting the U.S., and Zyxel patched devices.

Bank Info Security 2 years, 5 months ago

Breach Roundup: Zeus Banking Trojan Leader Pleads Guilty

Also: Polish Prime Minister Says Previous Administration Deployed Pegasus SpywareThis week, the Zeus leader pleaded guilty, Prudential detected hackers, U.S. telecoms have to report breaches, Microsoft patched zero-days, researchers said Chinese threat intel is faulty, ransomware hit Romanian healthcare entities, Juniper was breached and Poland allegedly previously used Pegasus.

Bank Info Security 2 years, 5 months ago

Chinese Hackers Preparing 'Destructive Attacks,' CISA Warns

Officials Say Hackers Are Evading Detection on Critical Infrastructure NetworksThe U.S. Cybersecurity and Infrastructure Security Agency urged critical infrastructure owners to patch systems after publishing a warning that Chinese hackers are evading detection and maintaining persistent unauthorized access in U.S. information technology environments.

The U.S. Federal Bureau of Investigation (FBI) is warning that Barracuda Networks Email Security Gateway (ESG) appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups