Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

20 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines Filtered view

PLUS: CISA issues drone warning; China-linked DNS-hijacking malware; Prison for BTC Samourai; And more Infosec In Brief Researchers have urged users of the glob file pattern matching library to update their installations, after discovery of a years-old remote code execution flaw in the tool's CLI.…

Space sensors and UAVs at sea top MoD's list in new wave of cutting-edge projects The UK is pressing ahead with cutting-edge defense projects, the latest including research to protect satellites from laser attack and a technology demonstrator for a jet-powered drone to operate from Royal Navy carriers.…

Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won't pick up Security researchers report that OnePlus smartphone users remain vulnerable to a critical bug that allows any application to read SMS and MMS data — a flaw that has persisted since late 2021.…

PLUS: Bluetooth mess leaves cars exposed; Bitcoin ATMs attacked; Deepfakers imitate US secretary of state Marco Rubio; and more Infosec In Brief Nvidia last week advised customers to ensure they employ mitigations against Rowhammer attacks, after researchers found one of its workstation-grade GPUs is susceptible to the exploit.…

NetScaler vendor issued a patch but otherwise, stony silence Multiple exploits are circulating for CVE-2025-5777, a critical bug in Citrix NetScaler ADC and NetScaler Gateway dubbed CitrixBleed 2, and security analysts are warning a "significant portion" of users still haven't patched.…

The botnet’s still alive and evolving Badbox 2.0, the botnet that infected millions of smart TV boxes and connected devices before private security researchers and law enforcement partially disrupted its infrastructure, is readying for a third round of fraud and digital attacks, according to one of the threat hunters who uncovered the original scheme.…

PLUS: Spanish cops think they've bagged NATO hacker; HPE warns staff of data breach; Lazy Facebook phishing, and more! Infosec In Brief DeepSeek’s iOS app is a security nightmare that you should delete ASAP, according to researchers at mobile app infosec platform vendor NowSecure.…

Warning: Poorly configured Google Cloud databases spill billing info, plaintext credentials At least 900 websites built with Google's Firebase, a cloud database, have been misconfigured, leaving credentials, personal info, and other sensitive data inadvertently exposed to the public internet, according to security researchers.…

ALSO: Verizon turns self in for reduced fine, malvertising comes to macOS, and this week's critical vulnerabilities In brief Watch out, cyber security researchers: Suspected North Korean-backed hackers are targeting members of the infosec community again, according to Google's Threat Analysis Group (TAG).…

Meanwhile NSO faces new lawsuit over Pegasus flying onto journalists' phones Google's Threat Analysis Group (TAG) said on Wednesday that its researchers discovered commercial spyware called Heliconia that's designed to exploit vulnerabilities in Chrome and Firefox browsers as well as Microsoft Defender security software.…

Failing to fix flaws, a crowded threat group scene, RaaS, and dependencies among crooks are fueling the trend Security experts spent years warning enterprises to expect cyberattacks and to plan their defenses accordingly, now Sophos researchers are saying organizations shouldn't be surprised if they get attacked multiple times.…