Fake Bug Report Hijacks AI Coding Agents at Scale
"Agentjacking" is the latest demonstration of how easily attackers can exploit an AI agent's inability to differentiate between content and instructions.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
"Agentjacking" is the latest demonstration of how easily attackers can exploit an AI agent's inability to differentiate between content and instructions.
ESET’s 2026 APT Activity Report suggests China-backed APTs are using instability in the region to target victims, as well as continuing activity against organizations around the globe
Verizon's 2026 Data Breach Investigations Report (DBIR) finds that exploits are now involved in 31% of initial access for breaches, while patching lags too far behind the bad guys.
Verizon’s annual Data Breach Investigations Report uncovered a surge of exploited vulnerabilities, and a growing lack of critical defect remediation industrywide. The post Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches appeared first on CyberScoop.
Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed
A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in Russia since September 2025
In a new report from the Cloud Security Alliance (CSA), experts warn of an "AI vulnerability storm" triggered by the introduction of Anthropic's Claude Mythos.
Microsoft has released a new report about the Storm-1175 group and its connection to Medusa ransomware
Report Reveals Growing Trend of Fraudsters Intercepting SMS-Based VerificationFinancial institutions have historically relied on one-time passcodes as a primary authentication control for their accountholders. But OTP verification is less reliable as fraudsters increasingly exploit SMS-based verification weaknesses to carry out account takeover and payment fraud schemes.
Modern intrusions increasingly start with valid credentials and routine access, not exploits. Blackpoint Cyber's upcoming threat report shows how VPN abuse, RMM tools, and social engineering drive most incidents. [...]
PwC Annual Threat Dynamics report says AI-threats are the biggest concern of clients
Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials
Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries
Google Cloud report details a sharp rise in attackers exploiting software vulnerabilities, including React2Shell
IBM's 2026 X-Force report reveals 44% rise in cyber-attacks on public apps, driven by AI and flaws
Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads, likely with the intent to deploy a remote access trojan (RAT)
Hacktivists and cybercriminals have intensified their efforts to exploit vulnerabilities in industrial systems, according to a Cyble report
A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploited by threat actors to distribute malware known as ShadowPad
Cybersecurity researchers have disclosed details of four security flaws in Microsoft Teams that could have exposed users to serious impersonation and social engineering attacks
Cybersecurity researchers are calling attention to a spike in automated attacks targeting PHP servers, IoT devices, and cloud gateways by various botnets such as Mirai, Gafgyt, and Mozi