Crims found the soft spot in the company's security. MyPillow, the US-based bedding brand founded by election conspiracy theorist Mike Lindell, has been listed by Play ransomware extortionists as an alleged victim. The pillow shop first appeared on Playโs name-and-shame data leak site on Monday, with the gang threatening to leak stolen data by Friday if MyPillow execs donโt pay the ransom demand. While the extortionists didnโt specify how many gigabytes of data they allegedly stole from MyPillow, they claim it includes โprivate and personal confidential data, client documents, budget, payroll, IDs, taxes, finance informationโ and more, according to the dark-web post seen by The Register and shared on social media by threat-intel firm FalconFeeds. MyPillow did not immediately respond to The Registerโs inquiries. We will update this story if we receive any response. As of May 2025, the FBI said Play ransomware operators had allegedly exploited about 900 organizations, and the crewโs ransomware variant consistently ranks among the top five targeting critical infrastructure. Play previously stole around 65,000 Swiss government files after breaching its IT supplier Xplain in 2023. A year later, the group hacked Microchip Technology. The American semiconductor manufacturer told regulators that the ransomware attack disrupted some of its business operations and cost it $21.4 million in expenses related to the security incident. North Korean government goons have also used Play ransomware in their intrusions. Cisco Talos' incident responders previously told The Register that Play was one of the crews that used so-called "EDR killers" to disable endpoint security products in their ransomware infections. MyPillow is probably best known for its founder and CEO's politics. Lindell is a major proponent of President Trumpโs false claims that the 2020 election was stolen, and is now running for Minnesota governor. ยฎ
Some internet connectivity is returning in Iran after nearly 90 days offline, web monitoring groups say. But it isnโt clear if the reconnection is permanent.
Firefox is alive and well - and offering a fast, customizable, bloat-free, private, secure browsing experience from developers who actually listen to their users.
The Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at least nine organizations across nine countries on four continents in the first quarter of 2026.
The activity targeted industrial and electronics manufacturing, education and public-sector bodies, financial services, and professional services, per the Threat Hunter Team from Symantec and Carbon Black.
The security angle on encrypted DNS is often oversimplified. DoH prevents ISP-level snooping and basic DNS hijacking, but doesn't protect against a compromised resolver. DoT is easier to detect and block, which has real implications for threat actors trying to exfiltrate via DNS. DoQ is interesting from a security perspective because QUIC's connection ID migration makes traffic correlation harder. Article includes benchmark data and practical server config โ but mostly written for the "which threat model does each protocol address" question.
I published a technical write-up on an old OLX account takeover issue.
The core bug was an OTP correctness leak inside the rate-limit state.
After repeated invalid OTP attempts, the application showed a lockout message. However, blocked submissions did not become response-equivalent.
Invalid codes during lockout still produced the invalid-code signal.
The valid code during lockout removed that signal while keeping the lockout message.
That made the lockout state act as an oracle for whether the OTP was correct.
The broader impact came from reuse of the verification flow across account paths, including recovery/reset-style flows, plus weak session revocation behavior after password change.
The write-up focuses on the response-difference behavior, why the validity window mattered, how the issue escalated to account takeover, and why lockout states must stop leaking success/failure information.
National security and digital forensics experts have called foul on Nigel Farage's "disturbing" and unsubstantiated claim that Russia was behind the leak of a story about the UK politician receiving a ยฃ5 million gift from a crypto billionaire. Sources inside Farage's right-wing Reform UK told the Mail on Sunday that the party leader believes Russian spies hacked his phone and relayed details about Christopher Harborne's gift, a matter of which only four people were aware. Farage was said to have engaged outside "counter-espionage experts" to perform a technical analysis of his device โ analysis that was said to point to Russia. According to Peter Sommer, professor of digital forensics at Birmingham City University, whichever outfit was entrusted to carry out this work would have been looking for two different types of markers to prove Russia was involved. These would be either the phishing message Farage clicked on that allowed Russia to access his private communications or the malware code an attacker used to exfiltrate them. "It's obviously trivial to disguise the source of an email, so that doesn't help," Sommer told The Register. "And the second thing is if you're talking about looking for hacking codes, hackers, whether they are juveniles or people in major SIGINT systems, are likely to be stealing from each other, so there's nothing unique about a code that would say where it comes from." Sommer also highlighted that advanced intelligence powers have tools at their disposal to obfuscate the source of malicious code. The CIA's leaked Marble Framework supposedly had the ability to translate malicious code into any language, including those used by its chief adversaries. "Now, absent from that, how on Earth do you determine that this is a Russian hack?" Sommer asked. Neither Farage nor Reform UK has spoken officially on the alleged Russian phone hack. They have not specified which experts on whose conclusions they used to make the claims, they have not stated what evidence pointed to Russia's involvement, and they have not committed to making this forensic assessment available for public scrutiny. Opening up the data for verification was one of the core issues raised by Ciaran Martin, founding chief executive of the UK's National Cyber Security Centre (NCSC), who labeled Farage's claims "disturbing" and "without any merit." Speaking to The Guardian, Martin said that not only is the lack of clear evidence concerning, but also if Russia was behind the hack-and-leak operation, a deliberate attempt at destabilizing a foreign democracy, then it would have significant consequences for the UK's Russia policy. "An aspiring prime minister has essentially claimed that Russia has launched an unprecedentedly aggressive intervention โ a malicious intervention โ in British politics, and he's not produced a shred of evidence to support that claim," Martin said. "It is a very, very serious thing to allege. It would be a national security issue," he added. "If it is true, the government should be in emergency session in COBR right now, considering their response to the most serious Russian intervention in internal British affairs for years." He said the claims published by the Mail on Sunday, at present, are unsubstantiated, and if true, in normal circumstances, this would prompt a formal government response. The Reg understands that the NCSC has not been engaged by Farage or Reform UK over the matter. The National Crime Agency did not respond to questions regarding its involvement and the Metropolitan Police Service declined to comment. Reform UK did not respond to our requests for more information, nor did Nigel Farage's office. What exactly did Reform UK claim? According to sources who spoke to the Mail on Sunday, Russian spies hacked Farage's phone, ascertained details about Harborne's ยฃ5 million donation to the party leader, and leaked it to The Guardian, which first reported the story. The Guardian said at the weekend that Farage is now under "mounting pressure" to prove his claim about the Russian phone hack. There is no indication the Graun 's reporting was connected to any illegal activity or Russian spies, but Farage is implying so, telling the Mail on Sunday: "This shocking revelation brings into question The Guardianโs judgment and whether Reform can cooperate with them in future." According to the analysis of Farage's phone, carried out by the unidentified counter-espionage experts, the findings were "almost certainly linked to Moscow," the Reform UK source said. They also claimed that spear-phishing tactics were used to compromise his phone, email, and bank accounts. "It bore all the sophisticated hallmarks of a nation-state actor using destabilization techniques in the run-up to this month's local elections," the source added. Farage said: "These actions by Russia are deeply concerning and highlight the threat they pose to British security." Regarding the motive for such an attack, Reform UK believes its leader angered Russian president Vladimir Putin by previously expressing support for NATO. He has said in the past that UK forces should shoot down Russian aircraft if they enter NATO airspace, and joined controversial calls for Ukraine to be admitted to the military alliance. The party also said that Harborne may be a target for the Russian regime because he joined former prime minister Boris Johnson on a trip to Ukraine in 2022, designed to showcase the impact of Russia's invasion earlier that year. ยฎ
Login
