Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

18 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 18 most recent headlines Filtered view

Microsoft Corp. today released software updates to plug at least 570 security holes in its Windows operating systems and other software, almost triple the number of vulnerabilities the software giant fixed in its record-smashing Patch Tuesday release last month. Microsoft attributed the burgeoning patch counts to vulnerability discoveries aided by artificial intelligence.

Bank Info Security 2 months, 2 weeks ago

Researchers Find 38 Flaws in OpenEMR. They've Been Fixed

AI Tool Used to Discover Bugs, Which Included 2 Maximum Severity VulnerabilitiesResearchers at security firm AISLE said they recently identified 38 vulnerabilities, including two maximum-severity zero-day flaws in OpenEMR, an open-source electronic medical record software platform used by about 100,000 healthcare providers globally. OpenEMR has patched the problems.

Report claims more vulnerabilities created than fixed as remediation gap widens Veracode has posted its annual State of Software Security report, based on data from 1.6 million applications tested on its cloud platform, finding that more vulnerabilities are being created than are being fixed, and that high-velocity development with AI is making comprehensive security unattainable.…

Anthropic fixed the flaws - but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API keys by injecting malicious configurations into repositories, and then waiting for a developer to clone and open an untrustworthy project.…

Move along, nothing to see here Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to leak secrets, including API keys from a developer's machine, and run arbitrary code.…

Bank Info Security 1 year, 8 months ago

Google AI Agent Finds Zero-Day in Popular Database Engine

Now-Fixed Flaw Is Big Sleep's First Real-World Bug Find, Say ResearchersGoogle's "highly experimental" artificial intelligence agent Big Sleep has autonomously discovered an exploitable memory flaw in popular open-source database engine SQLite. The researchers detail how the AI agent discovered the now-patched vulnerability.

You snooze, you lose, er, win Google claims one of its AI models is the first of its kind to spot a memory safety vulnerability in the wild – specifically an exploitable stack buffer underflow in SQLite – which was then fixed before the buggy code's official release.…

Bank Info Security 1 year, 10 months ago

Microsoft Copilot Fixes ASCII Smuggling Vulnerability

Security Researcher Uncovered the Flaw, Which Allowed System TakeoverMicrosoft says it fixed a security flaw in artificial intelligence chatbot Copilot that enabled attackers to steal multifactor authentication code using a prompt injection attack. Security researcher Johann Rehberger said he discovered a way to invisibly force Copilot to send data.

Cybersecurity researchers have discovered a bypass for a recently fixed actively exploited vulnerability in some versions of Ivanti Endpoint Manager Mobile (EPMM), prompting Ivanti to urge users to update to the latest version of the software