Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 8 most recent headlines Filtered view

Malware Targets Banks, Crypto Platforms and Social MediaNewly surfaced Android-based banking Trojan gives threat actors near-total control over infected devices, letting them steal user credentials for direct access to financial accounts, says researchers. Rokarolla tricks users into side-loading malicious versions of popular, high traffic apps.

Bank Info Security 4 months, 3 weeks ago

Android Malware Taps Google Gemini at Runtime

Researchers Say PromptSpy Automates Persistence on Infected DevicesA newly discovered Android malware strain, "PromptSpy," is using Google's Gemini generative artificial intelligence model to automate part of its persistence mechanism, marking what researchers describe as the second known case of AI-driven mobile malware.

Unpatched Flaw in Open-Source Gogs Service Facilitates Remote Code ExecutionAn attacker has been exploiting a zero-day vulnerability in Gogs, an open-source and popular Git service that allows for self-hosting, warned researchers. At least 700 internet-exposed servers running Gogs shows signs of being infected with command-and-control malware; no patch is yet available.

Bank Info Security 10 months, 4 weeks ago

Ballooning PolarEdge Botnet a Suspected Cyberespionage Op

PolarNet Has Hallmarks of an Operational Relay BoxNearly 40,000 enterprise-grade devices and consumer-class routers, IP cameras and more are infected with malware researchers codenamed PolarEdge, controlled by a botnet of the same name, which experts suspect is designed to hide traffic tied to cyberespionage operations.

Bank Info Security 11 months, 1 week ago

SonicWall Probes Potential Zero-Day After Ransomware Hits

Akira Ransomware Exploited MFA-Protected SonicWall SSL VPNs, Say ResearchersSonicWall said it is probing a surge in attacks against its Gen 7 firewalls, running various firmware versions, which have SSL VPN enabled. Researchers said attackers may have been exploiting a zero-day vulnerability and that multiple victims have been infected with Akira ransomware.

New Variant Uses Virtualization to Weaponize Legit Apps, Stealing Data in Real TimeA banking Trojan known for mimicking mobile app login pages has gone to the next level by copying and pasting real mobile banking apps into a virtual environment it creates on infected smartphones, warn researchers. New Godfather malware "marks a significant leap in mobile threat capabilities."

Bank Info Security 1 year, 6 months ago

Abandoned Backdoors: How Malicious Infrastructure Lives On

Studying Backdoors in Web Shells, Researchers Find 4,000 Infected SystemsHow many servers are infected by web shells designed to give attackers remote access to systems, but now "phone home" to malicious infrastructure that's now abandoned or expired? Security researchers who posed that question have counted 4,000 such systems, including in government and education.

Bank Info Security 2 years, 5 months ago

FritzFrog Botnet Exploits Log4Shell

Botnet Looks for Vulnerable Internal Network MachinesDelivering more proof that the Log4Shell vulnerability is endemic, Akamai researchers detected botnet malware updated to use the flaw as an infection vector. Log4Shell burst into public awareness in late 2021 when security researchers identified a flaw in the ubiquitous Apache Log4J 2 Java library.