Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

26 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 26 Filtered view
Bank Info Security 3 months, 3 weeks ago

Breach Roundup: Tycoon2FA Phishing Platform Rebounds

Also, Russian Signal Phishing, Iran-Linked Malware, Breaches in Spain and FranceThis week, Tycoon 2FA, Trio-Tech, messaging app spying and a ransomware broker sentenced. Iran-linked hackers. Mazda disclosed a breach. Oracle patched a flaw. North Korean actors weaponized VS Code, a Spanish port ransomware attack, a French teacher data breach and a healthcare firm victim surge.

Bank Info Security 3 months, 4 weeks ago

Multi-Month Cyberespionage Campaign Hits Libyan Oil Refinery

Phishing Campaign Used AsyncRAT to Maintain Long-Term Network AccessA suspected cyberespionage campaign targeted a Libyan oil refinery using commodity malware and politically themed phishing lures. The activity ran from November 2025 to mid-February, with evidence that attackers maintained long-term access to at least one oil company network.

Also: NodeCordRAT Malware, North Korean QR-Phishing CampaignThis week, U.K. crypto exchanges linked to Iranian sanctions evasion, NodeCordRAT malware spread via npm, an FBI alert on North Korean QR-code phishing, illicit crypto hit $154 billion in 2025 and U.S. President Donald Trump said he won't pardon Sam Bankman-Fried.

Bank Info Security 9 months, 3 weeks ago

Phishing Campaign Lobs Malicious SVG Attachments at Ukraine

Government Agencies Targeted With Infostealers and Cryptomining MalwareA fake police alert is the social engineering cornerstone of an ongoing phishing campaign targeting Ukrainian government agencies, warn security researchers. They're tracking a surge in malicious SVG file attachments, in this case leading to information-stealing and cryptocurrency-mining malware.

Bank Info Security 9 months, 3 weeks ago

Hackers Obfuscated Malware With Verbose AI Code

Attackers Hid Malware in Vector ImageHackers behind a phishing campaign appear to have used artificial intelligence-generated code to hide malware behind a wall of overly complex and useless code, said Microsoft. "Not something a human would typically write from scratch due to its complexity, verbosity and lack of practical utility."

Users Download Malware in Bid to Placate MetaA newly surfaced FileFix social engineering campaign puts a new spin on ClickFix attacks by goading users into loading malware under the guise of reporting a wrongful account suspension to social media giant Facebook. Victims likely get sucked into the scam by following a link from a phishing email.

Bank Info Security 10 months, 1 week ago

Hackers Compromise 18 NPM Packages in Supply Chain Attack

Attacker Socially Engineered Developer With Phishing EmailA hacker laced 18 popular npm packages with cryptocurrency stealing malware after socially engineering the developer into giving up his credentials to the JavaScript runtime environment. Aikido Security said the 18 software packages collectively have downloads of more than two billion each week.

Bank Info Security 10 months, 3 weeks ago

Menlo-Votiro Deal Integrates File Protection With Browsers

CEO Amir Ben-Efraim: Acquisition Adds AI-Powered File Sanitization to Browser ToolsThrough its acquisition of Votiro, Menlo Security has embedded file-level sanitization and AI-powered detection directly into its enterprise browser stack. CEO Amir Ben-Efraim says the move helps prevent malware, data leaks and phishing risks at the browser level.

Report North Korean Hacking Group Adds Ransomware to Traditional PlaybookA ScarCruft subgroup dubbed "ChinopuNK" has launched a disruptive ransomware campaign across South Korea, using phishing lures, AutoIt loaders and microphone-capturing malware - marking a major change in the North Korean hacking group's traditionally espionage-focused cyber tactics.

Phishing Emails Disguise Malware as Contract FilesA Russian cybersecurity company is warning that hackers are targeting Russia's industrial sector using a previously undocumented spyware, reeling them in with contract-themed emails lures. Kaspersky dubbed the spyware "Batavia." but doesn't attribute the campaign to a threat actor.

Also: CoinMarketCap Attack, BitPro Blames Lazarus for $11M HackThis week, a new malware targeted crypto wallets via photos, CoinMarketCap faced attack, BitoPro blamed Lazarus for heist, Trezor warned of phishing scam, France saw another crypto kidnapping, cops re-arrested teen after second theft, Hacken blamed human error for exploit and Self Chain ousted CEO.

Bank Info Security 1 year, 1 month ago

Hackers Target Job Recruiters Through Malicious Resumes

Russian Speaking Hackers FIN6 Flip Job Fraud ScriptFinancially-motivated hackers tracked as FIN6 have flipped the script on job fraud, impersonating job seekers to phish recruiters and deploy stealthy malware through fake resumes hosted on trusted cloud platforms. The group engages recruiters on LinkedIn and Indeed with realistic resumes.

Bank Info Security 1 year, 3 months ago

Possible Russian Hackers Targeted UK Ministry of Defense

Spear-Phishing Campaign Used RomCom Malware VariantA phishing campaign wielding malware previously associated with Russian-speaking hackers targeted the U.K. Ministry of Defense in late 2024. It is unclear if the campaign is tied to a data leak of 600 armed personnel, civil servants, and defense contractors reported late last year.

Browser Isolation Protects Access Points as Remote Work Expands Attack SurfaceWith 92% of organizations supporting remote connectivity and phishing attacks surging to record levels, browser-based security has become essential for zero trust frameworks to protect against malware, ransomware and credential theft.

Bank Info Security 1 year, 6 months ago

36 Chrome Extensions Compromised in Supply Chain Attack

Developers Listed as Public Contact Points Targeted in Phishing CampaignA supply chain attack that subverted legitimate Google Chrome browser extensions to inject data-stealing malware is more widespread than security researchers first suspected. So far researchers have identified 36 subverted extensions collectively used by 2.6 million people.

Bank Info Security 1 year, 7 months ago

SmokeLoader Campaign Targets Taiwanese Companies

Theat Actor Uses Trojan as InfostealerA threat actor is targeting Taiwanese companies using phishing emails and long-standing vulnerabilities to deliver SmokeLoader malware. The threat actor uses plugins for the infamous malware to directly attack systems rather than using SmokeLoader as its name suggests, as a loader for other malware.

Bank Info Security 1 year, 8 months ago

Hacker Poses as Israeli Security Vendor to Deliver Wiper

Phishing Emails Impersonating Eset Target Cybersecurity Professionals With MalwareCybercriminals posing as a top security firm in Israel have launched wiper attacks on local cybersecurity professionals after bypassing significant security measures, according to recent reports. Cybersecurity firm Eset said threat actors did not compromise its systems.

Hackers Used Dozens of Servers to Distribute Malicious Android AppsLaw enforcement authorities in Singapore, Malaysia, Hong Kong and Taiwan took down a cybercrime ring that used dozens of servers and hundreds of phishing pages across multiple jurisdictions to run a malware-enabled scam operation and steal tens of millions from victims' bank accounts.

Loading more headlines...