Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

9 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 9 most recent headlines Filtered view

Complaint Says Service Generated More Than 1.5 Million Malicious URLsGoogle has sued a Chinese phishing-as-a-service provider accused of teaching customers to use Gemini to generate and customize scam websites, a campaign linked to more than 1.59 million phishing URLs, over 100,000 victims, and widespread credential and financial theft.

Bank Info Security 1 month, 2 weeks ago

Glassworm Group: Software Supply-Chain Attackers Disrupted

Suspected Russian Crime Group Built Resilient Command-and-Control InfrastructureIn a joint operation, CrowdStrike, Google and Shadowserver Foundation disrupted infrastructure used by the Glassworm cybercrime group, cutting off attackers from victims. The group has wielded a remote access Trojan to repeatedly target developers of widely used open-source software.

Bank Info Security 10 months, 2 weeks ago

Cloudflare Joins List of Salesloft Drift Breach Victims

Full Breach Scope Remains Unclear; Hundreds of Organizations Reportedly AffectedThe scope of the Salesloft Drift data breach continues to expand, now counting Cloudflare, Zscaler, Palo Alto Networks as victims and what investigators say are many hundreds more organizations that connected their Salesforce, Google Workspace or other tools to Salesloft's AI chatbot.

Bank Info Security 10 months, 2 weeks ago

Salesloft Drift Attacks Exposed Zscaler Customer Data

'Widespread Data Theft Campaign' Compromised Many Drift OAuth Tokens, Warn ExpertsThreat researchers report that "a widespread data theft campaign" traces to attackers stealing OAuth access tokens for applications integrated with Salesloft's AI chatbot Drift, then exfiltrating data. Victims include Salesforce customer Zscaler. Google Workspace instances were also breached.

Bank Info Security 1 year, 1 month ago

Scattered Spider Targeting American Insurance Firms

Hackers Posing as Help Desks and Call Centers to Target Victims, Google WarnsA hacking collective behind recent cyberattacks on major British retailers has pivoted to target U.S. insurance firms, warned Google. Scattered Spider, tracked as UNC3944 by Google, is a financially motivated threat group consisting largely of English-speaking adolescents.

Bank Info Security 1 year, 1 month ago

Fake AI Tools Lure Users in Year-Long Malware Campaign

Mandiant Says Malware Spread Through Fake AI Video Ads Seen by MillionsOnline scammers are converting excitement over generative artificial intelligence into fraudulent sites that infect victims with malware, says threat intel firm Google Mandiant in a report exposing a year-long campaign to distribute infostealers and backdoors.

Bank Info Security 1 year, 3 months ago

Breach Roundup: Port of Seattle Notifies 90,000 Victims

Also, Oracle Denies Cloud Breach, Blames Hack on Obsolete ServersThis week, Port of Seattle notified victims, Oracle blamed hack on obsolete servers, Google and Microsoft released April patches, WK Kellogg breached, six arrested in Spain for AI-investment scam, Scattered Spider's "King Bob" pleaded guilty, SmokeLoader users busted.

Bank Info Security 1 year, 4 months ago

Ukrainian Signal Users Fall to Russian Social Engineering

Google Expects Tactics to Spread; Global Targets and Other Services at RiskRussian nation-state hackers are using phishing attacks to target Ukrainian users of the chat app Signal, say security researchers. Rather than circumventing Signal's end-to-end encryption via a cryptographic attack, attackers use malicious prompting to prod victims into exposing messages.