Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

201 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 201 Filtered view

Russian-speaking UAT-11795 spreads trojanized Zoom, Webex, and MobaXterm installers to deliver Starland RAT and the WLDR memory-only implant. Cisco Talos researchers published a detailed technical report on July 16 disclosing UAT-11795, a financially motivated, Russian-speaking threat actor that has been running a malware campaign against users in the United States and Europe since at least […]

Agencies and Industry Coordinate Post-Quantum Migration PlansThe White House convened government officials, quantum companies and researchers to accelerate the transition to post-quantum cryptography, align public-private investments and reinforce a 2030 deadline as advances in quantum computing increase risks to today's encryption.

Threat Actor Silently Forwarded Sensitive Emails Matching Strategic TopicsGoogle says Chinese espionage group UNC6508 compromised REDCap environments at North American research institutions, deployed custom malware, stole credentials and covertly forwarded strategically relevant emails through abused compliance rules to support long-term intelligence collection.

Researchers Identified Two Undocumented Variants Used Since 2023Eset uncovered two previously undocumented Windows variants of the China-linked SprySocks backdoor tied to FishMonger and iSoon, revealing expanded espionage capabilities, rootkit-based stealth and continued targeting of government organizations across Asia and Central America.

China’s UNC6508 hid in North American medical research networks for 2 years, stealing credentials and forwarding emails to Gmail Google’s Threat Intelligence Group published a report this week on UNC6508, a China-linked cyberespionage group that breached North American medical and military research organizations and stayed hidden for more than two years. The earliest confirmed intrusion […]

Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026

Researchers exposed the Silent Ransom Group ‘s Fast Flux infrastructure as the FBI warns of ongoing attacks targeting U.S. law firms and businesses. Resecurity uncovered the Silent Ransom Group (SRG)’s Fast Flux network infrastructure and shares available intelligence with the cybersecurity community to disrupt their malicious activities and enable ISP/DNS providers to counter this threat. […]

Also: Gas Station Monitoring Systems Under Attack, Spanish Teen Doxer ArrestedThis week, more happened than fits here: Microsoft tried to make nice with researchers, gas tank gauges under attack in the United States, fake FIFA websites are everywhere. Russia cried cyberespionage, Spanish police arrested a teenage doxer, a Oracle WebLogic flaw was actively exploited.

The Pentagon confirmed adversaries are using commercial location data to track U.S. troops, exposing risks tied to smartphones and ad-tech networks. For years, security researchers, privacy advocates, and intelligence analysts have been warning about the same thing: smartphone location data isn’t just an advertising product. It’s surveillance infrastructure that anyone with enough money can access. […]

Bank Info Security 1 month, 2 weeks ago

NIST Rebrands AI Consortium, Ditches 'Safety' From Name

Agency Expands Research Beyond Safety Testing to Standards and EvaluationThe U.S. National Institute of Standards and Technology is expanding one of its largest artificial intelligence initiatives, rebranding the AI Safety Institute Consortium and reopening participation as the Trump administration pushes a more industry-focused approach to AI development and governance.

Nimbus Manticore accelerated cyberattacks during wartime, using AI-assisted malware, fake Zoom installers, and SEO poisoning. When the United States launched Operation Epic Fury against Iran at the end of February 2026, most analysts expected the country’s cyber apparatus to hunker down and weather the storm. That’s not what happened. Instead, researchers at Check Point have […]

TrendAI™ Research has identified two emerging threat campaigns—SHADOW-AETHER-040 and SHADOW-AETHER-064—that use agentic AI to drive intrusion operations against government and financial organizations in Latin America, marking these among the first cases we have observed of AI agents executing attacks from initial access to data exfiltration.

Bank Info Security 2 months, 1 week ago

HHS Proposes to Restructure Biomedical Research With AI

ARPA-H Program Aims to Speed Up Disease Breakthroughs Using AI-Enabled EcosystemBiomedical research breakthroughs for complex diseases and chronic illnesses can take years to achieve. The U.S. Department of Health and Human Services is hoping to speed that up ten-fold by creating an artificial intelligence-enabled interoperable research ecosystem.

Bank Info Security 2 months, 2 weeks ago

FBI: Chinese Hacker Extradition Sends a Global Message

Alleged Nation-State Hacker Being Held in Houston JailU.S. prosecutors allege 34-year-old Chinese national Xu Zewei operated under China’s Ministry of State Security to hack universities and firms during the pandemic, exploiting VPN and Exchange flaws and exfiltrating research data in a Silk Typhoon campaign.

A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy.  Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber attacks against American organizations and government agencies between February 2020 and June 2021, including

UPGRADE and DigiSeals Programs at ARPA-H Remain Fully FundedA U.S. federal grant effort to develop autonomous medical device patching platforms for hospitals evaded the budget-cutting knife of the Trump administration. Program boosters hope to automate cyber defenses so that hospitals of any size can more quickly patch vulnerabilities.

Loading more headlines...