Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

12 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 12 most recent headlines Filtered view

Complaint Says Service Generated More Than 1.5 Million Malicious URLsGoogle has sued a Chinese phishing-as-a-service provider accused of teaching customers to use Gemini to generate and customize scam websites, a campaign linked to more than 1.59 million phishing URLs, over 100,000 victims, and widespread credential and financial theft.

Bank Info Security 4 months, 1 week ago

Bank Phishing Refunds Should Be Easier, Says CJEU Advisor

Top European Court Advisor Says Policy Should Be 'Refund Now, Sue Later'Banks must promptly refund phishing victims when the scams lead to unauthorized transactions, an advisor to the European Union’s top court has said. The case in question involves an unnamed Polish woman who got duped on an online auction platform.

Bank Info Security 5 months, 1 week ago

Harvard, UPenn Data Leaked in ShinyHunters Shakedown

Leaked Financial and Admissions Data Includes Contact Details for 'Top Donors'Harvard University has been named as a victim and doxed by hack-and-leak group ShinyHunters, apparently as a result of the cybercrime group's ongoing "live phishing" attacks that often attempt to trick IT help desks into giving attackers direct access to a victim's network and cloud-based data.

Bank Info Security 5 months, 1 week ago

Harvard, UPenn Data Leaked in ShinyHunters Shakedown

Leaked Financial and Admissions Data Includes Contact Details for 'Top Donors'Harvard University has been named as a victim and doxed by hack-and-leak group ShinyHunters, apparently as a result of the cybercrime group's ongoing "live phishing" attacks that often attempt to trick IT help desks into giving attackers direct access to a victim's network and cloud-based data.

3 State-Sponsored Groups Spear-Phish Semiconductor EcosystemChinese state-aligned hackers have ramped up espionage efforts against Taiwan's semiconductor ecosystem through spear-phishing campaigns. Three distinct threat actors targeted chipmakers, packaging and testing firms, equipment suppliers and financial analysts.

Scammers Use Social Engineering and Phishing to Fool Workers and IT Help Desk StaffFederal authorities warn of social engineering and phishing scams - sometimes targeting IT help desk workers - that allow attackers to steal login credentials and access healthcare sector entities' IT systems so they can divert automated clearinghouse payments to bank accounts the attackers control.

Hackers Used Dozens of Servers to Distribute Malicious Android AppsLaw enforcement authorities in Singapore, Malaysia, Hong Kong and Taiwan took down a cybercrime ring that used dozens of servers and hundreds of phishing pages across multiple jurisdictions to run a malware-enabled scam operation and steal tens of millions from victims' bank accounts.

Bank Info Security 2 years, 3 months ago

Iranian TA450 Group Tries Out New Tactics on Israelis

Proofpoint Researchers Say Beware of Phishing Emails, Embedded Links in PDFsIran-aligned threat actor TA450, also called MuddyWater, is using fake salary, compensation and financial incentive emails to trick Israeli employees at multi-national organizations into clicking malicious links, according to researchers at security firm Proofpoint.

Bank Info Security 2 years, 5 months ago

OpenAI and Microsoft Terminate State-Backed Hacker Accounts

Hackers Used LLMs to Perform Tasks That Non-AI Tools Can PerformNation-state hackers including Russian military intelligence and hackers backed by China have used OpenAI large language models for research and to craft phishing emails, the artificial intelligence company disclosed Tuesday in conjunction with major financial backer Microsoft.

Bank Info Security 2 years, 5 months ago

Account Takeover Campaign Hits Execs in Microsoft Azure

Attackers Downloaded Files Containing Financial, Security and User InformationA still-active phishing campaign using individualized phishing lures is targeting senior corporate accounts in Microsoft Azure environments, said researchers from Proofpoint. They said the hackers have compromised hundreds of user accounts spread across dozens of Microsoft Azure environments.

Bank Info Security 2 years, 5 months ago

New York AG Sues Citibank for Poor Phishing Protections

State Attorney Alleges Lack of Layered Security to Stop Fraudulent Wire TranfersThe New York attorney general sued the third-largest bank in the United States over its alleged failure to protect consumers from scammers. "If a bank cannot secure its customers' accounts, they are failing in their most basic duty," said Attorney General Letitia James.