Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

32 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 32 Filtered view

The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT

CTM360 has identified a rapidly expanding WhatsApp account-hacking campaign targeting users worldwide via a network of deceptive authentication portals and impersonation pages. The campaign, internally dubbed HackOnChat, abuses WhatsApp’s familiar web interface, using social engineering tactics to trick users into compromising their accounts

Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven manipulation, and cloud exploitation to breach targets once considered secure. From communication platforms to connected devices, every system that enhances convenience also expands the attack surface

Bank Info Security 11 months, 1 week ago

Scattered Spider and ShinyHunters' Next Move: Leaking Data

Extortionists Detail Fresh Victims, Although Sensitivity of Stolen Data UnclearExtortionists tied to the Scattered Spider and ShinyHunters hacking collectives have begun naming victims and leaking data via a new, dedicated Telegram channel. Many of the breaches appear to trace to social engineering attacks that gained attackers access to a victim's Salesforce instance.

Keep It Simple, Stupid Interview Scattered Spider and Iranian government-backed cyber units have more in common than a recent uptick in hacking activity, according to Ariel Parnes, a former colonel in the Israeli Defense Forces' cyber unit 8200.…

Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 through the beginning of 2025

Bank Info Security 1 year, 4 months ago

Insight Partners Compromised Via Social Engineering Attack

Private Equity Firm Says It'll Take Several Weeks to Pinpoint Scope of Jan. 16 HackAn unauthorized third-party accessed certain information systems last month from Insight Partners through a sophisticated social engineering attack. Insight said it'll take the next several weeks to determine the scope of the Jan. 16 incident with the support of third-party cybersecurity experts.

Attackers Embrace Dating Sites and Encrypted Messaging Apps for Social EngineeringRussian military and intelligence hacking teams continue to refine their Ukrainian targeting, lately shifting to online attacks designed to support and help Moscow's military operations succeed, including social engineering schemes launched via dating portals and encrypted messaging apps.

Hacking your way in is so 2022 – logging in is much easier Identity-related threats pose an increasing risk to those protecting networks because attackers – ranging from financially motivated crime gangs and nation-state backed crews – increasingly prefer to log in using stolen credentials instead of exploiting vulnerabilities or social engineering.…

Loading more headlines...