Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

25 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 25 Filtered view

The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn't changed: stolen credentials

Also: Detainment in GainBitcoin Case, Solv Protocol and Gondi HacksThis week, an arrest in a $46M U.S. Marshals theft, a detainment in the GainBitcoin case, exploits at Solv Protocol and Gondi, an Alibaba AI agent's mining attempt, the SEC dropping claims against Justin Sun, Treasury weighing in on mixers, Bithumb facing suspension and a lawsuit against Coinbase.

Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic's Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code execution and theft of API credentials

Cyber threats last week showed how attackers no longer need big hacks to cause big damage. They’re going after the everyday tools we trust most — firewalls, browser add-ons, and even smart TVs — turning small cracks into serious breaches

Bank Info Security 7 months, 2 weeks ago

Cryptohack Roundup: Authorities Shutter Cryptomixer

Also: Anthropic Warns of Autonomous AI Exploits on BlockchainThis week, authorities shutter Cryptomixer, Anthropic warns about autonomous AI exploits, U.K. plans ban on crypto political donations, Do Kwon seeks leniency, Lazarus Group suspected in Upbit theft, Balancer's post-exploit plans and Yearn recovers some hacked amount.

Bank Info Security 9 months, 1 week ago

GitHub Copilot Chat Flaw Let Private Code Leak Via Images

Researcher Found Bug Could Exfiltrate Secrets Via Camo ImagesA now-patched flaw in GitHub Copilot Chat could have allowed attackers to steal private source code and secrets by embedding hidden prompts that hijacked the artificial intelligence assistant's responses. The exploit also used the code hosting platform's image proxy to leak the stolen data.

Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google's Gemini artificial intelligence (AI) assistant that, if successfully exploited, could have exposed users to major privacy risks and data theft

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid authentication tokens for hundreds of online services that customers can integrate with Salesloft, including Slack, Google Workspace, Amazon S3, Microsoft Azure, and OpenAI.

Bank Info Security 11 months, 1 week ago

Cryptohack Roundup: Verdict in Tornado Cash Founder's Case

Also: Samourai Wallet Co-Founders' Guilty Plea, Coinbase Loss From Data TheftThis week, Tornado Cash co-founder convicted, Samourai Wallet guilty plea, Coinbase insider data theft, a U.S. court overturned an OpenSea executive's fraud conviction, AI-written malware stole crypto, Credix exploit, CZ sought dismissal of FTX claim, July hacks and a FinCEN crypto ATM warning.

Bank Info Security 11 months, 2 weeks ago

AI Agents Can Hack Smart Contracts on Autopilot

AI Tools Can Steal Crypto Autonomously, Even From Audited CodeArmed with just a smart contract address, researchers developed an autonomous artificial intelligence tool that can scan for vulnerabilities, write working exploits in the Solidity blockchain programming language and siphon funds. "It behaves more like a human hacker," said its co-creator.

Bank Info Security 1 year, 2 months ago

Hacker Exploits AI Art Tool to Steal 1.1TB of Disney Data

California Man Pleads Guilty to Two Felony Charges Related to Hacking Employee's PCA California man agreed to plead guilty to hacking a Disney employee's personal computer and stealing over one terabyte of confidential company data. Authorities say the man posted a malicious artificial intelligence art application online and used it to steal an employee's credentials.

They're good at zero-day exploits, too Silk Typhoon, the Chinese government crew believed to be behind the December US Treasury intrusions, has been abusing stolen API keys and cloud credentials in ongoing attacks targeting IT companies and state and local government agencies since late 2024, according to Microsoft Threat Intelligence.…

APIs are the backbone of modern applications, enabling connectivity and functionality across diverse systems. However, the growing complexity of API ecosystems introduces vulnerabilities that attackers exploit to disrupt operations, steal data, or launch other malicious activities. Without real-time visibility and robust threat detection, businesses face significant risks.

Loading more headlines...