Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 8 most recent headlines Filtered view
Bank Info Security 1 year, 3 months ago

Lazarus Expands NPM Campaign With Trojan Loaders

North Korea's Lazarus Deploys Malicious NPM Packages to Steal DataNorth Korea's Lazarus Group expanded a malicious campaign of uploading malicious code to the JavaScript runtime environment npm repository, publishing 11 packages embedded with Trojan loaders. Researchers identified 11 malicious packages in the repository, a hotspot for supply chain attacks.

Cybersecurity researchers have discovered a software supply chain attack that has remained active for over a year on the npm package registry by starting off as an innocuous library and later adding malicious code to steal sensitive data and mine cryptocurrency on infected systems