Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

49204 headlines in this view

Refine the feed

Search across headline titles and summaries.

Showing 20 most recent headlines of 49204
Bank Info Security 17 minutes ago

Hidden Backdoor Found in Tenda Router Firmware

Unauthenticated Flaw Allows Full Router, Network TakeoverA hidden backdoor, disclosed by CERT/CC and found in multiple firmware versions made by Chinese manufacturer Tenda, bypasses authentication and could grant attackers administrative access. Researchers are reporting exploitation and an Nmap script is making vulnerable devices easier to identify.

Security Leaders Need to Act Now to Set Guardrails, Seize OpportunitiesIn Barrie's Peter Pan, Wendy sewed Peter's mischievous shadow back on his feet. Wendy saw what was incomplete and chose to act. We, as security practitioners in the age of emerging AI, also must choose whether to act - and how to act - to both govern AI and seize new opportunities.

Bank Info Security 54 minutes ago

The Elephants in the Technology Room - Part 4

Why IT and Security Teams Can No Longer See What They're Supposed to ProtectShadow IT has evolved into shadow SaaS, shadow AI, shadow data and autonomous agents that operate beyond security's view. Traditional governance models can no longer keep pace. Organizations must transition from blocking technology to making its use visible, monitored and data-controlled.

Bank Info Security 54 minutes ago

The Most Elusive Criminal Quality: Anonymity

Suspected Scattered Spider Member Reportedly Unmasked After Making Death ThreatHow did investigators unmask a 19-year-old suspected Scattered Spider extortionist? Amateur sleuths have highlighted Microsoft-gathered device telemetry in charging documents. But a researcher said he was quickly unmasked and tracked for years, after he sent her a death threat.

Anarchic Western Adolescent Hacking Groups Appear to Defy Easy CategorizationSome cybersecurity entities are groups, with office hours and vacation time. But others, such as Scattered Spider and other Com spinoffs, are largely comprised of adolescent hackers and extortionists, and often display more anarchic behavior that makes their efforts tougher to combat.

As hospital-at-home programs expand and AI adoption accelerates, healthcare organizations face mounting cloud security demands. Anahi Santiago, CISO of ChristianaCare, discusses vendor accountability, identity management, clinical AI risks and the need for stronger cybersecurity foundations.

Delayed Rollout Highlights Enterprise Risk as Frontier AI Becomes Strategic InfrastructureOpenAI’s GPT-5.6 is slated for public release Thursday after federal testing and a limited preview. The rollout underscores how frontier artificial intelligence access is becoming a governance, cybersecurity and operational risk issue for enterprises.

Agencies and Industry Coordinate Post-Quantum Migration PlansThe White House convened government officials, quantum companies and researchers to accelerate the transition to post-quantum cryptography, align public-private investments and reinforce a 2030 deadline as advances in quantum computing increase risks to today's encryption.

Frontier AI Developer Says Enterprise Customers Could Mistake the Two BrandsAnthropic alleges Abnormal's 2025 rebrand unlawfully mirrors its visual identity as both companies increasingly compete for enterprise AI security customers, while Abnormal denies any likelihood of customer confusion and says its branding predates Anthropic's claims.

Bank Info Security 54 minutes ago

Hidden Backdoor in Tenda Router Firmware

Unauthenticated Flaw Allows Full Router, Network TakeoverA hidden backdoor, disclosed by CERT/CC and found in multiple firmware versions made by Chinese manufacturer Tenda, bypasses authentication and could grant attackers administrative access. Researchers are reporting exploitation and an Nmap script is making vulnerable devices easier to identify.

Fake apps like WireVPN and a trojanized 7-Zip turn victims’ devices into residential proxies, letting criminals route traffic through their IPs. Infoblox’s threat research team started pulling on a single thread in early 2026: a fake version of the 7-Zip archive utility hosted at 7zip[.]com instead of the real site, 7-zip[.]org. The researchers uncovered a […]

Loading more headlines...