Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 11 most recent headlines Filtered view

Also, Taiwan Rail Hack, Massive DDoS Attack and Karakurt Jail SentenceThis week, Microsoft Edge exposed passwords, Taiwan police make arrests in high-speed rail hack and a 2.45 billion-request DDoS attack. A Karakurt negotiator jailed, North Korean IT worker scams led to prison terms and France detained a teen over a government data breach. Another Ivanti zero-day.

Bank Info Security 11 months, 3 weeks ago

US Nuclear Agency Breach Tied to SharePoint Zero-Days

Over 400 Organizations Breached Via Ongoing ToolShell Attacks, Researchers WarnThe U.S. government agency that maintains and designs America's nuclear weapons was reportedly breached by attackers exploiting zero-day flaws in on-premises Microsoft SharePoint servers, with researchers now counting over 400 victims, including European and Middle Eastern governments.

Bank Info Security 1 year, 4 months ago

Belgium Investigating Intelligence Agency Hack by China

Hackers Reportedly Exploited Barracuda ESG Zero-DayThe Belgian government opened a federal probe into a suspected Chinese espionage campaign targeting the country's civilian intelligence service. The attack on the Belgian government aligns with the broader Chinese strategy of compromising edge devices for stealth espionage campaigns.

Espionage and Cybercrime Campaign Tied to 7-Zip Mark-of-the-Web Bypass HitsRussian hackers targeting Ukrainian government agencies and businesses - including a major automotive manufacturer - have been targeting a zero-day vulnerability in the open source and widely used 7-Zip archive utility, to infect systems with credential-stealing SmokeLoader malware.

Bank Info Security 1 year, 5 months ago

Breach Roundup: DeepSeek Leaked Sensitive Data

Also: Infostealer Malware Compromises Mexican Government ComputersThis week, DeepSeek exposed sensitive data, hackers exploited unpatched Zyxel flaws, infostealer malware on Mexican government computers, Smiths Group incident, PowerSchool breach notifications, an Apple zero-day, XWorm RAT backdoor, and Credit Control Corporation settled a lawsuit.

Tianfeng Guan Allegedly Developed Zero-Day Exploit of Sophos XG FirewallThe U.S. federal government rolled out its heavy guns Tuesday against a Chinese hacker allegedly at the center of a zero-day exploit used to hack firewalls made by Sophos, unsealing an indictment, rolling out sanctions and offering $10 million for information leading to the suspect's arrest.

Bank Info Security 1 year, 8 months ago

ISMG Editors: US Election Impact on Cybersecurity, HIPAA

Also: Potential Government Policy Changes; AI-Driven Zero-Day DiscoveriesIn the latest weekly update, ISMG editors discussed how the recent election results may reshape U.S. cybersecurity policy and healthcare privacy under HIPAA and the groundbreaking role of artificial intelligence in Google’s recent discovery of a critical zero-day vulnerability.

Bank Info Security 1 year, 8 months ago

Fortinet Discloses Actively Exploited Zero-Day

U.S. Federal Government Gives Agencies Three Weeks to Patch or MitigateFortinet disclosed an actively exploited vulnerability in its centralized management platform following more than a week of online chatter that edge device manufacturer products have been under renewed attack. Cybersecurity researcher Kevin Beaumont christened the vulnerability "FortiJump."

Bank Info Security 1 year, 10 months ago

Breach Roundup: Ex-Verizon Worker Cops to Spying for China

Also: Turn in Volodymyr Kadariya, Get $2.5 Million from Uncle SamThis week, an ex-Verizon employee pleaded guilty, SonicWall fixed critical flaws,South Korean hackers exploited a zero-day, U.S. retailer Dick's Sporting Goods was breached, the U.S. government offered a big reward, Grok AI will send election queries to Vote.gov, and HIPAA is 28 years old.

Government Nurtures Homegrown Talent and Hack-for-Hire Ecosystem, Research FindsChina boasts many of the world's most talented zero-day vulnerability researchers as well as a strict cybersecurity law compelling individuals to assist the state, and the government doesn't appear to shy away from using both those facts to its advantage, a new research study finds.

Bank Info Security 2 years, 2 months ago

Mitre Says Hackers Breached Unclassified R&D Network

Threat Actor Exploited Ivanti Zero-Day Vulnerabilities in CyberattackA nation-state threat actor gained access into an unclassified research and development network operated by MITRE, a non-profit that oversees key federal funded research and development centers for the U.S. government, the organization confirmed on Friday.