Login
No honor among thieves as 0APT threatens rival ransomware gang Krybit
Honey, the skids are fighting again
Two rival ransomware gangs have locked horns after 0APT threatened to expose people affiliated with Krybit.β¦
Reading view
Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum
One was patched almost 14 years ago
Crooks are exploiting four Microsoft vulnerabilities - one patched 14 years ago and another tied to ransomware activity - according to America's lead cyber-defense agency, which on Monday gave federal agencies two weeks to patch them.β¦
Fake Linux leader using Slack to con devs into giving up their secrets
Google Sites lure leads to bogus root certificate
Imagine getting asked to do something by a person in authority. An unknown malware slinger targeting open source software developers via Slack impersonated a real Linux Foundation official and used pages hosted on Google.com to steal developers' credentials and take over their systems.β¦
Booking.com warns reservation data may have checked out with intruders
Travel giant says names, contact details, dates, and hotel messages potentially exposed
Booking.com is warning customers that their reservation details may have been exposed to unknown attackers, in the latest reminder that the travel giant still can't quite keep a lid on the data flowing through its platform.β¦
Gym giant Basic-Fit confirms data on a million members stolen in cyberattack
Names, addresses, dates of birth, and bank details accessed, though not passwords
Basic-Fit, Europe's largest gym chain, has confirmed data including the bank details of around a million customers was stolen from its systems.β¦
Rockstar Games gets a taste of grand theft data
ShinyHunters claims it accessed Snowflake metrics via third-party tool
ShinyHunters is back, this time pinning Rockstar Games to its leak site and claiming it didn't so much hack its way in as walk through a door someone else left wide open.β¦
NHS pays Β£46K to prep next Microsoft licensing round
Benchmarking contract lays groundwork for renegotiating Β£774M software agreement
NHS England is spending Β£46,000 on "benchmarking" as it gears up for what looks like the next round of negotiations behind one of the UK public sector's biggest software deals.β¦
China wants AI to prepare school lessons and mark homework
PLUS: Toyota wheels out basketball bot; Arm scores AI server win with SK Telecom; India ponders payment pauses to foil fraudsters; And more!
Asia In Brief Chinaβs National Data Administration last Friday published its action plan for AI in education which calls for upskilling of the nationβs citizens to ensure they can put the technology to work.β¦
Anthropic's mysterious Mythos AI threatens to upend the infosec world
Or it's a bunch of pre-IPO hype. Either way, we're giving it the once-over on this week's episode
Kettle Anthropic dropped a doozy on us this week with the launch of Mythos, an AI model it says is able to find and exploit zero-day vulnerabilities with a shocking level of ability.Β β¦
Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise
Time to start dropping SBOMs
FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from tens of thousands β if not more β organizations. We won't know the full blast radius for months.β¦
Hungarian government creds left in the safe hands of 'FrankLampard'
Nearly 800 state logins surfaced in breach data, including defense and NATO-linked accounts
Hungary's government has discovered the hard way that the biggest threat to national security might just be its own password choices.β¦
CPUID site hijacked to serve malware instead of HWMonitor downloads
Six-hour breach turned trusted links into a coin toss between legit tools and credential stealers
Visitors to the CPUID website were briefly exposed to malware this week after attackers hijacked part of its backend, turning trusted download links into a delivery mechanism for something far less welcome.β¦
Project Glasswing and open source software: The good, the bad, and the ugly
Just what FOSS developers need β a flood of AI-discovered vulnerabilities
Opinion Anthropic describes Project Glasswing as a coalition of tech giants committing $100 million in AI resources to hunt down and fix long-hidden vulnerabilities in critical open source software that it's finding with its new Mythos AI program. Or as The Reg put it, "an AI model that can generate zero-day vulnerabilities."β¦
Britain seeks views before it drops the hammer on signal jammers
Four-week call for evidence intended to help shape laws aimed at devices linked to crime
The UK government is seeking views on radiofrequency jammers as it prepares legislation to ban the controversial devices.β¦
Unpacking AI security in 2026 from experimentation to the agentic era
Cut through the noise and understand the real risks, responsibilities, and responses shaping enterprise AI today.
Webinar Promo 2025 was the year of AI experimentation. In 2026, the bills are coming due. AI adoption has moved from isolated pilots to autonomous, enterprise wide deployment, bringing with it a sophisticated new generation of security challenges.β¦
Crypto? Huh. Good gawd y'all, what is it good for? $45M in this case
Cops bust latest scam, return $12m to bilked victims
US, UK, and Canadian law enforcement Thursday said that they disrupted a $45 million global cryptocurrency scam, freezing $12 million in stolen funds and identifying more than 20,000 cryptocurrency wallet addresses linked to fraud victims across 30 countries.β¦
'Several dozen' high-value corporations hit by new extortion crew in helpdesk phishing spree
Possible link to Mr. Raccoon's claimed Adobe break-in
A new extortion crew has targeted βseveral dozen high-valueβ corporations through phishing and helpdesk social-engineering, according to Google.β¦
Chevin pulls the handbrake on FleetWave software after security scare
UK and US customers stuck waiting after fleet management SaaS vendor took affected environments offline
A cybersecurity incident has knocked FleetWave into a "major outage" across the UK and US after Chevin Fleet Solutions pulled parts of its SaaS platform offline and left customers scrambling for answers.β¦
Months-old Adobe Reader zero-day uses PDFs to size up targets
Malicious PDFs abuse legit features to harvest system data and decide which victims get a 2nd-stage payload
Hackers have been quietly exploiting what appears to be a zero-day in Adobe Acrobat Reader for months, using booby-trapped PDFs to profile targets and decide who's worth fully compromising.β¦
Microsoft locks out VeraCrypt and WireGuard devs, blames verification process
No emails, no warnings, no humans β just bots, catch-22s, and a 60-day appeals queue
Microsoft says that it will work on how it communicates with developers after two leading open source figures were suddenly locked out of their accounts, leaving them unable to sign updates.β¦
