Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

19 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 19 most recent headlines Filtered view

Frame's AI Models Build Contextualized Security Lessons Automatically in MinutesFrame Security, founded by former Wiz product and sales leader Tal Shlomo, emerged from stealth with $50 million to build AI-generated cyber training and simulations designed to prepare employees for phishing, deepfakes, voice cloning and other personalized social engineering attacks.

Bank Info Security 2 months, 2 weeks ago

Germany Caught Up in Likely Russian Signal Phishing

Governments Have Long Warned About Kremlin Social Engineering HacksSignal is defending the security of its systems following a series of phishing attacks that took place on the encrypted messaging platform, and that reportedly compromised members of the German government including the president of the country's parliament.

Bank Info Security 5 months, 2 weeks ago

Social Engineering Hackers Target Okta Single Sign On

ShinyHunters Campaign Uses Voice Phishing to Bypass MFA and Steal Corporate DataSecurity experts warn that "an active and ongoing campaign" being waged by ShinyHunters extortionists has at least 150 organizations in its sights across a range of sectors, with attackers using live voice phishing to bypass multifactor authentication, steal cloud data and hold it to ransom.

Bank Info Security 9 months, 3 weeks ago

Phishing Campaign Lobs Malicious SVG Attachments at Ukraine

Government Agencies Targeted With Infostealers and Cryptomining MalwareA fake police alert is the social engineering cornerstone of an ongoing phishing campaign targeting Ukrainian government agencies, warn security researchers. They're tracking a surge in malicious SVG file attachments, in this case leading to information-stealing and cryptocurrency-mining malware.

Bank Info Security 9 months, 4 weeks ago

FileFix Campaign Uses Facebook Suspension as Bait

Users Download Malware in Bid to Placate MetaA newly surfaced FileFix social engineering campaign puts a new spin on ClickFix attacks by goading users into loading malware under the guise of reporting a wrongful account suspension to social media giant Facebook. Victims likely get sucked into the scam by following a link from a phishing email.

Bank Info Security 10 months, 1 week ago

Hackers Compromise 18 NPM Packages in Supply Chain Attack

Attacker Socially Engineered Developer With Phishing EmailA hacker laced 18 popular npm packages with cryptocurrency stealing malware after socially engineering the developer into giving up his credentials to the JavaScript runtime environment. Aikido Security said the 18 software packages collectively have downloads of more than two billion each week.

Bank Info Security 10 months, 2 weeks ago

Varonis Acquires SlashNext to Combat Phishing, Email Attacks

Acquisition Targets Business Email Compromise, Impersonation and Spear-PhishingVaronis has acquired SlashNext to strengthen detection of phishing and social engineering attacks. The integration will help prevent identity compromises via email, SMS and collaboration tools while enhancing Miami-based Varonis’ AI-driven data protection.

Bank Info Security 11 months, 1 week ago

Google and Cisco Report CRM Software Breaches via Vishing

Voice Phishing Attacks on Salesforce Users Remains Repeat ShinyHunters TacticTechnology giants Google and Cisco separately said they've both suffered recent data breaches after attackers socially engineered their employees via voice phishing attacks, leading to a breach of their customer relationship management software, exposing customer data.

Ironscales Founder, CEO Eyal Benishti Pushes to Expand AI Protection Beyond EmailDeepfake phishing is escalating as cybercriminals deploy agentic AI to automate everything from data collection to social engineering. Ironscales founder and CEO Eyal Benishti outlines how phishing is targeting communication platforms beyond email, and how defenders can keep up.

Telephone-Oriented Attack Delivery Social Engineering Tactic ThrivesThe phishing industry is a never ending font of innovation. Cyber fraudsters are determined to worm their way into your inbox. Recent attacks involve callback phishing, a social engineering tactic designed to break down victims' defenses by spurring them into calling the scammers themselves.

Bank Info Security 1 year, 4 months ago

Russian-Speaking Hackers Goad Users into Installing Havoc

A newly discovered phishing campaign is using social engineering to dupe victims into copying, pasting, and running the Havoc command-and-control framework on their computers, warn researchers from Fortinet. "ClickFix," displays a fake error message and instructions for its supposed resolution.

Bank Info Security 1 year, 4 months ago

Ukrainian Signal Users Fall to Russian Social Engineering

Google Expects Tactics to Spread; Global Targets and Other Services at RiskRussian nation-state hackers are using phishing attacks to target Ukrainian users of the chat app Signal, say security researchers. Rather than circumventing Signal's end-to-end encryption via a cryptographic attack, attackers use malicious prompting to prod victims into exposing messages.

Bank Info Security 1 year, 5 months ago

AI Rise: Can We Still Trust What We See?

AI-Powered Social Engineering and Deepfake Threats in 2025Security researchers predict threat actors will use artificial intelligence and large language models to enhance phishing attacks and create convincing fake personas, while defensive AI enters a new phase of semiautonomous operations.

CISA and FBI Warn of Iranian Hackers Targeting US Political Campaigns and OfficialsThe Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation have issued new guidance to help U.S. political campaigns defend against increasing cyber threats from Iran, recommending stronger multi-factor authentication, phishing-resistant protocols, and vigilance against social engineering.

Scammers Use Social Engineering and Phishing to Fool Workers and IT Help Desk StaffFederal authorities warn of social engineering and phishing scams - sometimes targeting IT help desk workers - that allow attackers to steal login credentials and access healthcare sector entities' IT systems so they can divert automated clearinghouse payments to bank accounts the attackers control.

Bank Info Security 2 years, 1 month ago

HHS Warns Health Sector of Business Email Compromise Scams

Agency Spells Out Measures to Avoid Falling Victim to Costly SchemesHealthcare organizations should take steps to avoid falling victim to evolving threats involving costly business email compromise scams and related phishing schemes fueled by social engineering, warned the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center.

Bank Info Security 2 years, 3 months ago

Police Probe Honeytrap Sexting Scam Targeting British MPs

Warning: Low-Tech, Deceptive Social Engineering Attacks Remain Difficult to DetectBritish police are investigating attempts to target Members of Parliament, their advisers and other Conservative and Labour insiders via spear-phishing messages as part of an apparent honeytrap sexting scam. Experts say low-tech attacks based on social engineering remain difficult to detect.

Bank Info Security 2 years, 5 months ago

Report: Hackers Scammed $7.5M From HHS Grant Payment System

Money Meant for Poor Communities Stolen as Authorities Issued Phishing Scam AlertsHackers have reportedly stolen about $7.5 million from a Department of Health and Human Services grant payment system in a series of cyberattacks last year. The news comes in the midst of HHS and other authorities warnings about rising threats involving social engineering and payment scams.

Bank Info Security 2 years, 6 months ago

Beyond Hacktivism: Akamai CTO on Shifting Threat Landscape

Robert Blumofe on DDoS Attacks, API Security, Zero Trust and FIDO2-MFARobert Blumofe, executive vice president and CTO at Akamai, expects social engineering, phishing, extortion and AI-driven attacks to dominate the threat landscape. He advised enterprises to use FIDO2-based MFA, zero trust, microsegmentation and API security to reduce risks.