Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 13 most recent headlines Filtered view
Bank Info Security 2 months, 2 weeks ago

Pentagon's Anthropic Fight Draws Rebuke From Ex-DOD Leaders

Former Officials, Tech Groups Say Anthropic Designation Is Illegal - and DangerousFormer U.S. defense and intelligence officials argue the Pentagon's designation of Anthropic as a supply-chain risk was politically motivated and legally flawed, warning it could erode trust in government contracting and weaken the defense AI ecosystem.

Bank Info Security 3 months, 2 weeks ago

Mercor Breach Linked to LiteLLM Supply-Chain Attack

AI Dependency Attack Reportedly Exposes Data and Source CodeA LiteLLM supply-chain compromise enabled attackers to harvest credentials and access internal environments at scale at Mercor. The firm was the first to confirm a LiteLLM breach, and researchers are warning about growing AI system exposure and limited visibility.

Bank Info Security 3 months, 4 weeks ago

Pentagon Warns Anthropic Could 'Subvert' Defense AI Systems

New Filing Frames Anthropic Dispute as Operational Control Issue - Not Free SpeechThe Justice Department is arguing in a new court filing that Anthropic's ability to update guardrails and behavior post-deployment creates unacceptable supply-chain risks, warning that vendor access to AI systems could enable manipulation or failure in mission-critical defense operations.

Bank Info Security 4 months, 1 week ago

Pentagon Moves to Cut Anthropic From Defense AI Work

Defense Contractors May Be Forced to Remove Claude From Pentagon ProgramsThe Pentagon labeled Anthropic a supply-chain risk after accusing the artificial intelligence firm of restricting military use of its tools, a move that could force defense contractors to cut ties with Claude as the company prepares a legal challenge and the tech sector warns of wider fallout.

Nation State Hackers Escalating Attacks on US Defense Industrial Base, Report SaysA new report from Google Threat Intelligence Group warns that state-backed hackers are escalating attacks on the defense industrial base, shifting from classic espionage to supply-chain compromise, workforce infiltration and battlefield-adjacent cyber operations.

Bank Info Security 6 months, 4 weeks ago

Senate Intel Chair Warns of Open-Source Security Risks

Top Lawmaker Urges White House to Review Foreign Influence in Open-Source CodeA top Republican in the U.S. Senate warned the White House that foreign adversaries are exploiting trusted open-source software used across federal networks and defense systems, urging the National Cyber Director to lead efforts to monitor contributors and reduce supply chain risk.

Bank Info Security 1 year, 6 months ago

Chinese Connected Car Tech Banned by Biden Administration

National Security and Hacking Worries Underpin Concerns over Supply Chain RiskThe U.S. federal government is telling the automotive industry to stop buying Chinese manufactured hardware and software powering onboard telematics and automated driving systems, warning that the potential for nation-state hacking and espionage poses a national security risk.

Bank Info Security 2 years, 1 month ago

Courtroom Recording Software Hit by Supply Chain Attack

Backdoored Installer Facilitates Full, Remote Takeover, Justice AV Solutions WarnsAttackers backdoored versions of widely used audiovisual recording software being distributed by Justice AV Solutions via its official download site. Experts say users should "immediately" update to patched versions, review their IT environments for signs of compromise and wipe affected endpoints.

Bank Info Security 2 years, 3 months ago

After XZ Utils, More Open-Source Maintainers Under Attack

Fresh Social Engineering Attacks Resemble Tactics Used Against XZ Utils MaintainerMajor open-source software projects are warning that more pieces of code than XZ Utils may have been backdoored by attackers, based on ongoing supply-chain attack attempts that have targeted "popular JavaScript projects," apparently seeking to trick them into sharing code maintainer rights.

Bank Info Security 2 years, 3 months ago

Breach Roundup: Sisense Supply Chain Attack

Also: A Romanian Botnet and Alcohol Counselor Monument Settles with US FTC Over AdsThis week, Sisense supply chain attack, a likely Romanian botnet, Patch Tuesday, an Apple spyware warning and AT&T notifies customers of breach. Alcohol counselor Monument shared data with Meta, a breach of Home Depot employee data, a breach at Targus and a threat actor targeted Moroccan activists.

Bank Info Security 2 years, 5 months ago

Feds Warn Healthcare Sector of ScreenConnect Threats

HHS: Compromise at Large Pharma Software and Services Firm Puts Entities at RiskFederal authorities are warning of attacks on healthcare sector firms that use ConnectWise's remote access tool ScreenConnect. Hackers compromised a locally hosted version of the tool used by a large national pharmacy supply chain and managed services provider in 2023.

Bank Info Security 2 years, 6 months ago

DOD Unveils First-Ever National Defense Industrial Strategy

Pentagon Warns Failure to Modernize Defense Industrial Base Will Hinder US GloballyThe Department of Defense released a 60-page strategy that aims to modernize the defense industrial ecosystem and focuses on four long-term strategic priorities: improving supply chain resilience, enhancing workforce readiness, streamlining acquisitions and refining economic deterrence measures.

Bank Info Security 2 years, 7 months ago

North Korean Hacking Alert Sounded by UK and South Korea

Supply Chain Attacks: Hackers Target Zero-Days in Widely Used Software, Alert WarnsNorth Korean state-affiliated hackers are continuing to exploit zero-days in popular software applications as part of global supply chain attack campaigns for espionage and financial theft purposes, British and South Korean cybersecurity and intelligence officials said.