Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

40 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 40 Filtered view

The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where "feasible" to safeguard against potential threats stemming from threat actors' abuse of artificial intelligence (AI) tools and large language models (LLMs) to automate vulnerability

Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets by threat actors. Learn how exploitable misconfigurations lead to RCE and data leaks. The post When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps appeared first on Microsoft Security Blog.

The cybersecurity landscape is accelerating at an unprecedented rate. What is emerging is not simply a rise in the number of vulnerabilities or tools, but a dramatic increase in speed. Speed of attack, speed of exploitation, and speed of change across modern environments

Startup Platform Targets Autonomous Detection and Exposure ManagementCybersecurity startup Kai emerged from stealth with $125 million in funding led by Evolution Equity to develop an agentic AI platform that automates exposure management, threat intelligence, analysis and detection workflows while helping security teams remediate vulnerabilities faster.

Bank Info Security 4 months, 3 weeks ago

Startup Astelia Secures $35M for AI Vulnerability Management

Index Ventures Backs End-to-End Platform, Targeting of AI-Driven Vulnerability RiskAstelia raised $35 million in Series A funding led by Index Ventures to scale its AI-powered exposure management tool. The company uses AI agents and network analysis to help enterprises prioritize exploitable vulnerabilities and reduce remediation noise across hybrid and on-premises environments.

Update Chainlit to the latest version ASAP Two "easy-to-exploit" vulnerabilities in the popular open-source AI framework Chainlit put major enterprises' cloud environments at risk of leaking data or even full takeover, according to cyber-threat exposure startup Zafran.…

Leaked API keys are no longer unusual, nor are the breaches that follow. So why are sensitive tokens still being so easily exposed? To find out, Intruder’s research team looked at what traditional vulnerability scanners actually cover and built a new secrets detection method to address gaps in existing approaches.  Applying this at scale by scanning 5 million applications revealed over

In December 2024, the popular Ultralytics AI library was compromised, installing malicious code that hijacked system resources for cryptocurrency mining. In August 2025, malicious Nx packages leaked 2,349 GitHub, cloud, and AI credentials. Throughout 2024, ChatGPT vulnerabilities allowed unauthorized extraction of user data from AI memory

Attackers are using AI to weaponize old vulnerabilities while security teams face expanding attack surfaces and limited resources. Intruder's 2025 Exposure Management Index reveals how 3,000+ organizations are adapting and fixing critical flaws faster than ever. [...]

Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google's Gemini artificial intelligence (AI) assistant that, if successfully exploited, could have exposed users to major privacy risks and data theft

Bank Info Security 9 months, 3 weeks ago

Salesforce Patches CRM Data Exfiltration Vulnerability

Agentforce Agentic AI Tool Was Exposed to Indirect Prompt Injection AttacksSalesforce has patched a vulnerability involving its Agentforce agentic artificial intelligence tool, discovered by researchers, that attackers could have exploited using an indirect prompt injection attack to steal sensitive customer data and leads being stored in the CRM system.

Cybersecurity researchers have disclosed two security flaws in Wondershare RepairIt that exposed private user data and potentially exposed the system to artificial intelligence (AI) model tampering and supply chain risks

Bank Info Security 10 months, 2 weeks ago

Exposed LLM Servers Expose Ollama Risks

Over 1,100 Ollama Servers Leave Enterprise Models Vulnerable: Cisco TalosMore than a thousand servers running Ollama, a tool that can deploy artificial intelligence models locally, are exposed to the open internet, leaving many of them vulnerable to misuse and potential attacks. The bulk are dormant, but could be exploited through misconfiguration, Cisco Talos said.

Loading more headlines...