Login
AI-pocalypse AI and automation could wipe out 6.1 percent of jobs in the US by 2030 β equating to 10.4 million fewer positions that are held by humans today.β¦
Dutch police believe they have arrested a man behind the AVCheck online platform - a service used by cybercrims that Operation Endgame shuttered in May.β¦
CISA has ordered federal agencies to stop using Gogs or lock it down immediately after a high-severity vulnerability in the self-hosted Git service was added to its Known Exploited Vulnerabilities (KEV) catalog.β¦
Mandiant has released an open source tool to help Salesforce admins detect misconfigurations that could expose sensitive data.β¦
A Dutch appeals court has kept a seven-year prison sentence in place for a man who hacked port IT systems with malware-stuffed USB sticks to help cocaine smugglers move containers, brushing off claims that police shouldn't have been reading his encrypted chats.β¦
The British government is asking defense firms to rapidly produce a new ground-launched ballistic missile to aid Ukraine's fight against Russia - hardware that might also be adopted by UK's armed forces in future.β¦
Indiaβs government has updated the regulations it imposes on cryptocurrency services providers, as part of its efforts to combat fraud, money laundering, and terrorism.β¦
PCs and datacenters aren't the only devices that need DRAM. The global memory shortage is roiling the cybersecurity market, with the cost of firewalls expected to balloon and hit both customers and vendors in the pocketbook in 2026, according to research analysts Wedbush.β¦
A 21-year-old Swedish man accused of being a key organizer of violence-as-a-service linked to the Foxtrot criminal network, which police say has recruited and exploited minors, has been arrested in Iraq.β¦
The number of organizations that have implemented methods for identifying security risks in the AI tools they use has almost doubled in the space of a year.β¦
exclusive When it comes to security, AI agents are like self-driving cars, according to Block Chief Information Security Officer James Nettesheim.β¦
Updated BreachForums, the serially resurrected cybercrime marketplace, has tripped over itself after a data breach spilled details tied to about 324,000 user accounts.β¦
Ofcom is investigating X over potential violations of the Online Safety Act, Britian's comms watchdog has confirmed.β¦
The Tories have pledged to kick under-16s off social media, betting that banning teens from TikTok and Instagram will fix what they see as a growing crisis in kids' mental health and classroom behavior.β¦
Indiaβs government has denied that it is working on rules that would require smartphone manufacturers to provide access to their source code.β¦
Asia in Brief The governments of Malaysia and Indonesia have suspended access to social network X, on grounds that it allows users to produce sexual imagery without usersβ consent.β¦
infosec in brief Meta has fixed a flaw in its Instagram service that allowed third parties to generate password reset emails, but denied the problem led to theft of usersβ personal information.β¦
ANALYSIS From May's cyberattack on the Legal Aid Agency to the Foreign Office breach months later, cyber incidents have become increasingly common in UK government.β¦
While watching us now seems like the least of its sins, the US Immigration and Customs Enforcement (ICE) was once best known (and despised) for its multi-billion-dollar surveillance tech budget.β¦
France has released an alleged ransomware crook wanted by the US in exchange for a conflict researcher imprisoned in Russia.β¦
North Korean government hackers are turning QR codes into credential-stealing weapons, the FBI has warned, as Pyongyang's spies find new ways to duck enterprise security and help themselves to cloud logins.β¦
Chinese-linked cybercriminals were sitting on a working VMware ESXi hypervisor escape kit more than a year before the bugs it relied on were made public.β¦
Grok has yanked its image-generation toy out of the hands of most X users after the UK government openly weighed a ban over the AI feature that "undressed" people on command.β¦
On Call 2025 has ended and a new year is upon us, but The Register will continue opening Friday mornings with a fresh installment of On Call β the reader-contributed column that tells your tales of tech support.β¦
CrowdStrike has signed a $740 million deal to buy identity security startup SGNL. The move underscores the growing threat of identity-based attacks as companies struggle to secure skyrocketing numbers of non-human identities, including AI agents.β¦
Cisco patched a bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products that allows remote attackers with admin-level privileges to access sensitive information - and warned that a public, proof-of-concept exploit for the flaw exists online.β¦
If 2025 was meant to be the year ransomware started dying, nobody appears to have told the attackers.β¦
CISA has added a pair of security holes to its actively exploited list, warning that attackers are now abusing a maximum-severity bug in HPE's OneView management software and a years-old flaw in Microsoft Office.β¦
Elon Musk's X platform is under fire as UK regulators close in on mounting reports that the platform's AI chatbot, Grok, is generating sexual imagery without users' consent.β¦
A maximum-severity bug in the popular automation platform n8n has left an estimated 100,000 servers wide open to complete takeover, courtesy of a flaw so bad it doesn't even require logging in.β¦
Security researchers at Radware say they've identified several vulnerabilities in OpenAI's ChatGPT service that allow the exfiltration of personal information.β¦
Interview With everyone from would-be developers to six-year-old kids jumping on the vibe coding bandwagon, it shouldn't be surprising that criminals like automated coding tools too.β¦
Logitech says an expired developer certificate is to blame after swaths of customers were left infuriated when their mice malfunctioned.β¦
Cloudflare has poured cold water on a theory that the USAβs incursion into Venezuela coincided with a cyberattack on telecoms infrastructure.β¦
IBM describes its coding agent thus: "Bob is your AI software development partner that understands your intent, repo, and security standards." Unfortunately, Bob doesn't always follow those security standards.β¦
exclusive The European Space Agency on Wednesday confirmed yet another massive security breach, and told The Register that the data thieves responsible will be subject to a criminal investigation. And this could be a biggie.β¦
The US government has secured a guilty plea from a stalkerware maker in federal court, marking just the second time in more than a decade that the US has managed to prosecute a consumer spyware vendor successfully.Β β¦
Microsoft has backed away from planned changes to Exchange Online after customers objected to limits designed to curb outbound email abuse.β¦
Updated The UK's Ministry of Justice spent Β£50 million ($67 million) on cybersecurity improvements at the Legal Aid Agency (LAA) before the high-profile cyberattack it disclosed last year.β¦
Brit luxury automaker Jaguar Land Rover has reported devastating preliminary Q3 results that lay bare the cascading consequences of a crippling cyberattack, revealing wholesale volumes collapsed more than two-fifths year-on-year.β¦
Some HSBC mobile banking customers in the UK report being locked out of the bank's app after installing the Bitwarden password manager via an open source app catalog.β¦
Last fall, Jakub Ciolek reported two denial-of-service bugs in Argo CD, a popular Kubernetes controller, via HackerOne's Internet Bug Bounty (IBB) program. Both were assigned CVEs and have since been fixed. But instead of receiving an $8,500 reward for the two flaws, Ciolek says, HackerOne ghosted him for months.β¦
Internet service provider Brightspeed confirmed that it's investigating criminals' claims that they stole more than a million customers' records and have listed them for sale for three bitcoin, or about $276,370.Β β¦
Russia-linked hackers are sneaking malware into European hotels and other hospitality outfits by tricking staff into installing it themselves through fake Windows Blue Screen of Death (BSOD) crashes.β¦
Blockchain security biz Ledger says customer information was accessed in a breach at its ecommerce payment partner Global-e, and is warning that other brands using the platform may also be affected.β¦
Students at a school in Warwickshire, England, have scored an extended Christmas break after a cyberattack crippled its IT systems, forcing classrooms to close and staff to summon government incident responders.β¦
The UK today launches its Government Cyber Action Plan, committing Β£210 million ($282 million) to strengthen defenses across digital public services and hold itself to the same cybersecurity standards it's imposing on critical infrastructure operators.β¦
If you don't say "yes way" to MFA, the consequences can be disastrous. Sensitive data belonging to about 50 global enterprises is listed for sale β and, in some cases, has already been sold β on the dark web following a major infostealer campaign, with apparent victims including American utility engineering firm Pickett and Associates; Japan's homebuilding giant Sekisui House; and Spain's largest airline Iberia.β¦
Resecurity offered its "congratulations" to the Scattered Lapsus$ Hunters cybercrime crew for falling into its threat intel team's honeypot β resulting in a subpoena being issued for one of the data thieves. Meanwhile, the notorious extortionists have since removed their claims of gaining "full access" to the security shop's systems.β¦
Palo Alto Networks is on shopping spree. The company is reportedly considering a $400 million purchase of Israeli cybersecurity start up Koi, which raised $48 million in funding last year.Β β¦
Important news for Gmail power users: Google is dropping the feature whereby Gmail can collect mail from other email accounts over POP3.β¦
New Zealand health minister Simeon Brown has ordered a review into the cyberattack at ManageMyHealth, which threatens the data of hundreds of thousands of Kiwis.β¦
infosec in brief The Trump administration has cleared a trio of individuals sanctioned by the Biden administration for involvement with the Intellexa spyware consortium behind the Predator surveillance tool, removing restrictions that had barred them from doing business with the US.β¦
interview AI agents represent the new insider threat to companies in 2026, according to Palo Alto Networks Chief Security Intel Officer Wendi Whitmore, and this poses several challenges to executives tasked with securing the expected surge in autonomous agents.β¦
Ilya Lichtenstein, who pleaded guilty to money-laundering charges tied to the 2016 theft of about 120,000 bitcoins from the Bitfinex exchange and was sentenced to five years in prison, has been released after roughly 14 months in the slammer.β¦
A cybercrook claims to have breached Pickett and Associates, a Florida-based engineering firm whose clients include major US utilities, and is selling what they claim to be about 139 GB of engineering data about Tampa Electric Company, Duke Energy Florida, and American Electric Power.Β The price is 6.5 bitcoin, which amounts to about $585,000.β¦
A British security researcher has secured Australia's strictest, invite-only visa after discovering a critical vulnerability in a government system.β¦
A senior British crimefighter has been awarded one of the country's highest tributes for public service for his role in the 2024 LockBit ransomware takedown.β¦
Sponsored Post Security teams are being asked to do more with less, while the environments they protect continue to grow in size and complexity. Alerts arrive from dozens of tools, each offering a partial view of risk. The real challenge is no longer finding potential threats, but deciding which ones matter and how quickly to act.β¦
The European Space Agency has suffered yet another security incident and, in keeping with past practice, says the impact is limited. Meanwhile, miscreants boast that they've made off with a trove of data, including what they claim are confidential documents, credentials, and source code.β¦
FreshRSS