Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

89 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 89 Filtered view

Accenture confirmed a breach after a hacker claimed to steal 35 GB of source code, keys, and Azure credentials now offered for sale. A threat actor using the handle “888” claimed on the cybercrime forum PwnForums this week to have stolen 35 gigabytes of data from Accenture in July and offered it for sale. “Today […]

Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor covert functionality to siphon developer data to China-based servers

Hackers are claiming to be selling internal source code belonging to Target Corporation, after publishing what appears to be a sample of stolen code repositories on a public software development platform. After BleepingComputer notified Target, the files were taken offline and the retailer's developer Git server was inaccessible. [...]

Concerns Grow Over F5 Hacking Amid Stalled Government ShutdownFederal officials are scrambling to contain nation-state hackers exploiting stolen source code from networking devices and software maker F5 amid staffing pressures created by the ongoing government shutdown. Stolen files reportedly include undisclosed vulnerabilities F5 had been researching.

Bank Info Security 9 months, 1 week ago

GitHub Copilot Chat Flaw Let Private Code Leak Via Images

Researcher Found Bug Could Exfiltrate Secrets Via Camo ImagesA now-patched flaw in GitHub Copilot Chat could have allowed attackers to steal private source code and secrets by embedding hidden prompts that hijacked the artificial intelligence assistant's responses. The exploit also used the code hosting platform's image proxy to leak the stolen data.

Group Reportedly Scanned Salesloft's Source Code on GitHub, Recovered OAuth TokensThe ShinyHunters extortionists behind data-grabbing August attacks on Salesloft Drift users claim to have stolen 1.5 billion Salesforce records from 760 companies after breaching Salesloft's private Git repository and scanning it for secrets, which led to them recovering working OAuth tokens.

Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites

Remote position, webcam not working, then glitchy AI face ... Red alert! Twice, over the past two months, Dawid Moczadło has interviewed purported job seekers only to discover that these "software developers" were scammers using AI-based tools — likely to get hired at a security company also using artificial intelligence, and then steal source code or other sensitive IP.…

Loading more headlines...