Elon Musk's X platform is under fire as UK regulators close in on mounting reports that the platform's AI chatbot, Grok, is generating sexual imagery without users' consent.…
A maximum-severity bug in the popular automation platform n8n has left an estimated 100,000 servers wide open to complete takeover, courtesy of a flaw so bad it doesn't even require logging in.…
Security researchers at Radware say they've identified several vulnerabilities in OpenAI's ChatGPT service that allow the exfiltration of personal information.…
Interview With everyone from would-be developers to six-year-old kids jumping on the vibe coding bandwagon, it shouldn't be surprising that criminals like automated coding tools too.…
Logitech says an expired developer certificate is to blame after swaths of customers were left infuriated when their mice malfunctioned.…
Cloudflare has poured cold water on a theory that the USA's incursion into Venezuela coincided with a cyberattack on telecoms infrastructure.…
IBM describes its coding agent thus: "Bob is your AI software development partner that understands your intent, repo, and security standards." Unfortunately, Bob doesn't always follow those security standards.…
exclusive The European Space Agency on Wednesday confirmed yet another massive security breach, and told The Register that the data thieves responsible will be subject to a criminal investigation. And this could be a biggie.…
The US government has secured a guilty plea from a stalkerware maker in federal court, marking just the second time in more than a decade that the US has managed to prosecute a consumer spyware vendor successfully.…
Microsoft has backed away from planned changes to Exchange Online after customers objected to limits designed to curb outbound email abuse.…
Updated The UK's Ministry of Justice spent £50 million ($67 million) on cybersecurity improvements at the Legal Aid Agency (LAA) before the high-profile cyberattack it disclosed last year.…
Brit luxury automaker Jaguar Land Rover has reported devastating preliminary Q3 results that lay bare the cascading consequences of a crippling cyberattack, revealing wholesale volumes collapsed more than two-fifths year-on-year.…
Some HSBC mobile banking customers in the UK report being locked out of the bank's app after installing the Bitwarden password manager via an open source app catalog.…
Last fall, Jakub Ciolek reported two denial-of-service bugs in Argo CD, a popular Kubernetes controller, via HackerOne's Internet Bug Bounty (IBB) program. Both were assigned CVEs and have since been fixed. But instead of receiving an $8,500 reward for the two flaws, Ciolek says, HackerOne ghosted him for months.…
Internet service provider Brightspeed confirmed that it's investigating criminals' claims that they stole more than a million customers' records and have listed them for sale for three bitcoin, or about $276,370.…
Russia-linked hackers are sneaking malware into European hotels and other hospitality outfits by tricking staff into installing it themselves through fake Windows Blue Screen of Death (BSOD) crashes.…
Blockchain security biz Ledger says customer information was accessed in a breach at its ecommerce payment partner Global-e, and is warning that other brands using the platform may also be affected.…
Students at a school in Warwickshire, England, have scored an extended Christmas break after a cyberattack crippled its IT systems, forcing classrooms to close and staff to summon government incident responders.…
The UK today launches its Government Cyber Action Plan, committing £210 million ($282 million) to strengthen defenses across digital public services and hold itself to the same cybersecurity standards it's imposing on critical infrastructure operators.…
If you don't say "yes way" to MFA, the consequences can be disastrous. Sensitive data belonging to about 50 global enterprises is listed for sale – and, in some cases, has already been sold – on the dark web following a major infostealer campaign, with apparent victims including American utility engineering firm Pickett and Associates; Japan's homebuilding giant Sekisui House; and Spain's largest airline Iberia.…
Resecurity offered its "congratulations" to the Scattered Lapsus$ Hunters cybercrime crew for falling into its threat intel team's honeypot – resulting in a subpoena being issued for one of the data thieves. Meanwhile, the notorious extortionists have since removed their claims of gaining "full access" to the security shop's systems.…
Palo Alto Networks is on a shopping spree. The company is reportedly considering a $400 million purchase of Israeli cybersecurity startup Koi, which raised $48 million in funding last year.…
Important news for Gmail power users: Google is dropping the feature whereby Gmail can collect mail from other email accounts over POP3.…
New Zealand health minister Simeon Brown has ordered a review into the cyberattack at ManageMyHealth, which threatens the data of hundreds of thousands of Kiwis.…
infosec in brief The Trump administration has cleared a trio of individuals sanctioned by the Biden administration for involvement with the Intellexa spyware consortium behind the Predator surveillance tool, removing restrictions that had barred them from doing business with the US.…
interview AI agents represent the new insider threat to companies in 2026, according to Palo Alto Networks Chief Security Intel Officer Wendi Whitmore, and this poses several challenges to executives tasked with securing the expected surge in autonomous agents.…
Ilya Lichtenstein, who pleaded guilty to money-laundering charges tied to the 2016 theft of about 120,000 bitcoins from the Bitfinex exchange and was sentenced to five years in prison, has been released after roughly 14 months in the slammer.…
A cybercrook claims to have breached Pickett and Associates, a Florida-based engineering firm whose clients include major US utilities, and is selling what they claim to be about 139 GB of engineering data about Tampa Electric Company, Duke Energy Florida, and American Electric Power. The price is 6.5 bitcoin, which amounts to about $585,000.…
A British security researcher has secured Australia's strictest, invite-only visa after discovering a critical vulnerability in a government system.…
A senior British crimefighter has been awarded one of the country's highest tributes for public service for his role in the 2024 LockBit ransomware takedown.…
Sponsored Post Security teams are being asked to do more with less, while the environments they protect continue to grow in size and complexity. Alerts arrive from dozens of tools, each offering a partial view of risk. The real challenge is no longer finding potential threats, but deciding which ones matter and how quickly to act.…
The European Space Agency has suffered yet another security incident and, in keeping with past practice, says the impact is limited. Meanwhile, miscreants boast that they've made off with a trove of data, including what they claim are confidential documents, credentials, and source code.…
Hong Kong's banks have a new weapon against scams: Accounts that require customers to visit a branch to access their funds.…
A ransomware negotiator and a security incident response manager have admitted to running ransomware attacks.…
New York's mayor-elect Zohran Mamdani has invited the city's residents to join him at a block party to celebrate his inauguration but told attendees not to bring a Raspberry Pi single-board computer to the event.…
A high-severity MongoDB Server vulnerability, for which proofs of concept emerged over Christmas week, is now under active exploitation, according to the US Cybersecurity and Infrastructure Security Agency.…
South Korea's Ministry of Science and ICT has found that local carrier Korea Telecom (KT) deployed thousands of badly secured femtocells, leading to an attack that enabled micropayments fraud and snooping on customers' communications – maybe for years.…
Rogue insiders suspected of taking bribes to hand over Coinbase customer records to criminals are beginning to face justice, according to CEO Brian Armstrong.…
A criminal group is beating Conde Nast over the head for not responding sooner to its extortion attempt by posting stolen subscribers' email and home addresses and warning the publisher of Wired, The New Yorker, Vanity Fair, and Teen Vogue that it has 40 million more entries.…
Feature More than half a century ago, a consortium of European aerospace businesses from the UK, France, Germany and Spain joined forces to take on America's Boeing. Fast forward to the 21st century and the countries are applying the same model to the world of cloud computing, giving the continent a fighting chance to reduce the digital domination of Big Tech.…
Korean e-tailer Coupang claims a former employee has admitted to improperly accessing data describing 33 million of its customers, but says the accused deleted the stolen data.…
The knock-on, and often unintentional, impacts of a cyberattack are so rarely discussed. As an industry, the focus is almost always placed on the economic damage: the ransom payment; the cost of business downtime; and goodness, don't forget those poor shareholders.…
It's the most wonderful time of the year … for corporate security bosses to run tabletop exercises, simulating a hypothetical cyberattack or other emergency, running through incident processes, and practicing responses to ensure preparedness if or when a digital disaster occurs.…
interview According to Remedio CEO Tal Kollender, the only way to beat the bad guys hacking into corporate networks is to "think like a hacker," and because not everyone is a teenage hacker turned cybersecurity startup chief executive, she built an AI to do this.…
Researchers at Pen Test Partners found four flaws in Eurostar's public AI chatbot that, among other security issues, could allow an attacker to inject malicious HTML content or trick the bot into leaking system prompts. Their thank you from the company: being accused of "blackmail."…
The US says it has shut down a platform used by cybercriminals to break into Americans' bank accounts.…
Microsoft wants to develop tech that could translate its codebase to Rust, and is hiring people to make it happen.…
After over a week of speculation, ServiceNow announced on Tuesday that it has agreed to buy cybersecurity heavyweight Armis in a $7.75 billion deal that will see the workflow giant incorporate a real-time security intelligence feed into its products.…
Thousands of Nissan customers are learning that some of their personal data was leaked after unauthorized access to a Red Hat-managed server, according to the Japanese automaker.…
Microsoft has hustled out an out-of-band update to address a Message Queuing issue introduced by the December 2025 update.…
A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals messages, harvests credentials and contacts, and hijacks users' WhatsApp accounts.…
Security vendor Palo Alto Networks is expanding its Google Cloud partnership, saying it will move "key internal workloads" onto the Chocolate Factory's infrastructure. The outfit also claims it is tightening integrations between its security tools and Google Cloud to deliver what it calls a "unified" security experience. At the same time, Palo Alto may trim its own cloud purchase commitments.…
Interview "In my past life, it would take us 360 days to develop an amazing zero day," Zafran Security CEO Sanaz Yashar said.…
What would happen to the world's music collections if streaming services disappeared? One hacktivist group says it has a solution: scrape around 300 terabytes of music and metadata from Spotify and offer it up for free as what it calls the world's first "fully open" music preservation archive.…
The UK's Crown Prosecution Service (CPS) says a fraudster who claimed to be part of MI6 must repay £125,000 ($168,000) to a former love interest that he conned.…
Romania's cybersecurity agency confirms a major ransomware attack on the country's water management administration has compromised around 1,000 systems, with work to remediate them still ongoing.…
South Korea's government on Friday announced it will require local mobile carriers to verify the identity of new customers with facial recognition scans, in the hope of reducing scams.…
APAC in Brief Google and Apple last week started to allow developers of mobile applications to distribute their wares through third-party app stores and accept payments from alternative payment providers.…
Infosec In Brief Google will soon end its "Dark Web Report", an email service that alerts users when their personal information appears on the internet's dark underbelly.…
UPDATED A staffer at the USA's National Institute of Standards and Technology (NIST) tried to disable some of its Network Time Protocol infrastructure, after a power outage around Boulder, Colorado, led to errors.…