Crooks used platform to scoop up and store banking credentials for big-money thefts The US says it has shut down a platform used by cybercriminals to break into Americans' bank accounts.…
US shuts down phisherfolk’s $14.6M password-hoarding platform
Crooks used platform to scoop up and store banking credentials for big-money thefts The US says it has shut down a platform used by cybercriminals to break into Americans' bank accounts.…
go.theregister.com
December 24, 2025 at 3:30 PM
Crooks used platform to scoop up and store banking credentials for big-money thefts The US says it has shut down a platform used by cybercriminals to break into Americans' bank accounts.…
Plans move to Rust, with help from AI Microsoft wants to translate its codebase to Rust, and is hiring people to make it happen.…
Microsoft wants to replace its entire C and C++ codebase, perhaps by 2030
Plans move to Rust, with help from AI Microsoft wants to translate its codebase to Rust, and is hiring people to make it happen.…
go.theregister.com
December 24, 2025 at 4:30 AM
Plans move to Rust, with help from AI Microsoft wants to translate its codebase to Rust, and is hiring people to make it happen.…
Automaker's third security snafu in three years Thousands of Nissan customers are learning that some of their personal data was leaked after unauthorized access to a Red Hat-managed server, according to the Japanese automaker.…
21K Nissan customers' data stolen in Red Hat raid
Automaker's third security snafu in three years Thousands of Nissan customers are learning that some of their personal data was leaked after unauthorized access to a Red Hat-managed server, according to the Japanese automaker.…
go.theregister.com
December 23, 2025 at 5:30 PM
Automaker's third security snafu in three years Thousands of Nissan customers are learning that some of their personal data was leaked after unauthorized access to a Red Hat-managed server, according to the Japanese automaker.…
And it's especially dangerous because the code works A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals messages, harvests credentials and contacts, and hijacks users' WhatsApp accounts.…
Poisoned WhatsApp API package steals messages and accounts
And it's especially dangerous because the code works A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals messages, harvests credentials and contacts, and hijacks users' WhatsApp accounts.…
go.theregister.com
December 22, 2025 at 10:30 PM
And it's especially dangerous because the code works A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals messages, harvests credentials and contacts, and hijacks users' WhatsApp accounts.…
Ah, the good old days when 0-day development took a year Interview "In my past life, it would take us 360 days to develop an amazing zero day," Zafran Security CEO Sanaz Yashar said.…
Spy turned startup CEO: 'The WannaCry of AI will happen'
Ah, the good old days when 0-day development took a year Interview "In my past life, it would take us 360 days to develop an amazing zero day," Zafran Security CEO Sanaz Yashar said.…
go.theregister.com
December 22, 2025 at 8:30 PM
Ah, the good old days when 0-day development took a year Interview "In my past life, it would take us 360 days to develop an amazing zero day," Zafran Security CEO Sanaz Yashar said.…
On-site staff keep key systems working while all but one region battles with encrypted PCs Romania's cybersecurity agency confirms a major ransomware attack on the country's water management administration has compromised around 1,000 systems, with work to remediate them still ongoing.…
Around 1,000 systems compromised in ransomware attack on Romanian water agency
On-site staff keep key systems working while all but one region battles with encrypted PCs Romania's cybersecurity agency confirms a major ransomware attack on the country's water management administration has compromised around 1,000 systems, with work to remediate them still ongoing.…
go.theregister.com
December 22, 2025 at 12:30 PM
On-site staff keep key systems working while all but one region battles with encrypted PCs Romania's cybersecurity agency confirms a major ransomware attack on the country's water management administration has compromised around 1,000 systems, with work to remediate them still ongoing.…
SK Telecom's epic infosec faill will cost it another $1.5 billion South Korea’s government on Friday announced it will require local mobile carriers to verify the identity of new customers with facial recognition scans, in the hope of reducing scams.…
There’s so much stolen data in the world, South Korea will require face scans to buy a SIM
SK Telecom's epic infosec faill will cost it another $1.5 billion South Korea’s government on Friday announced it will require local mobile carriers to verify the identity of new customers with facial recognition scans, in the hope of reducing scams.…
go.theregister.com
December 22, 2025 at 4:30 AM
SK Telecom's epic infosec faill will cost it another $1.5 billion South Korea’s government on Friday announced it will require local mobile carriers to verify the identity of new customers with facial recognition scans, in the hope of reducing scams.…
PLUS: Texas sues alleged TV spies; The Cloud is full of holes; Hospital leaked its own data; And more Infosec In Brief Google will soon end its “Dark Web Report”, an email service that alerts users when their personal information appears on the internet’s dark underbelly.…
Google sends Dark Web Report to its dead services graveyard
PLUS: Texas sues alleged TV spies; The Cloud is full of holes; Hospital leaked its own data; And more Infosec In Brief Google will soon end its “Dark Web Report”, an email service that alerts users when their personal information appears on the internet’s dark underbelly.…
go.theregister.com
December 21, 2025 at 11:30 PM
PLUS: Texas sues alleged TV spies; The Cloud is full of holes; Hospital leaked its own data; And more Infosec In Brief Google will soon end its “Dark Web Report”, an email service that alerts users when their personal information appears on the internet’s dark underbelly.…
A rare case of deliberately trying to induce an outage A staffer at the USA’s National Institute of Standards and Technology (NIST) tried to disable backup generators powering some of its Network Time Protocol infrastructure, after a power outage around Boulder, Colorado, led to errors.…
NIST tried to pull the pin on NTP servers after blackout caused atomic clock drift
A rare case of deliberately trying to induce an outage A staffer at the USA’s National Institute of Standards and Technology (NIST) tried to disable backup generators powering some of its Network Time Protocol infrastructure, after a power outage around Boulder, Colorado, led to errors.…
go.theregister.com
December 21, 2025 at 8:31 AM
A rare case of deliberately trying to induce an outage A staffer at the USA’s National Institute of Standards and Technology (NIST) tried to disable backup generators powering some of its Network Time Protocol infrastructure, after a power outage around Boulder, Colorado, led to errors.…
Latest charges join the mountain of indictments facing alleged Tren de Aragua members A Venezuelan gang described by US officials as "a ruthless terrorist organization" faces charges over alleged deployment of malware on ATMs across the country, illegally siphoning millions of dollars.…
ATM jackpotting gang accused of unleashing Ploutus malware across US
Latest charges join the mountain of indictments facing alleged Tren de Aragua members A Venezuelan gang described by US officials as "a ruthless terrorist organization" faces charges over alleged deployment of malware on ATMs across the country, illegally siphoning millions of dollars.…
go.theregister.com
December 19, 2025 at 8:30 PM
Latest charges join the mountain of indictments facing alleged Tren de Aragua members A Venezuelan gang described by US officials as "a ruthless terrorist organization" faces charges over alleged deployment of malware on ATMs across the country, illegally siphoning millions of dollars.…
Newly disclosed vulnerability already being abused, users urged to lock down exposed firewalls WatchGuard is in emergency patch mode after confirming that a critical remote code execution flaw in its Firebox firewalls is under active attack.…
WatchGuard sounds alarm as critical Firebox flaw comes under active attack
Newly disclosed vulnerability already being abused, users urged to lock down exposed firewalls WatchGuard is in emergency patch mode after confirming that a critical remote code execution flaw in its Firebox firewalls is under active attack.…
go.theregister.com
December 19, 2025 at 6:30 PM
Newly disclosed vulnerability already being abused, users urged to lock down exposed firewalls WatchGuard is in emergency patch mode after confirming that a critical remote code execution flaw in its Firebox firewalls is under active attack.…
Attackers helped themselves to historical personal info on 27K people The University of Sydney is ringing around thousands of current and former staff and students after admitting attackers helped themselves to historical personal data stashed inside one of its online code repositories.…
Sydney Uni data goes walkabout after criminals raid code repo
Attackers helped themselves to historical personal info on 27K people The University of Sydney is ringing around thousands of current and former staff and students after admitting attackers helped themselves to historical personal data stashed inside one of its online code repositories.…
go.theregister.com
December 19, 2025 at 5:30 PM
Attackers helped themselves to historical personal info on 27K people The University of Sydney is ringing around thousands of current and former staff and students after admitting attackers helped themselves to historical personal data stashed inside one of its online code repositories.…
Officials admit 'there certainly has been a hack,' but refuse to confirm China link or data theft The UK's Foreign Office is investigating a confirmed cyberattack it learned about in October, senior ministers say.…
Ministers confirm breach at UK Foreign Office but details remain murky
Officials admit 'there certainly has been a hack,' but refuse to confirm China link or data theft The UK's Foreign Office is investigating a confirmed cyberattack it learned about in October, senior ministers say.…
go.theregister.com
December 19, 2025 at 11:30 AM
Officials admit 'there certainly has been a hack,' but refuse to confirm China link or data theft The UK's Foreign Office is investigating a confirmed cyberattack it learned about in October, senior ministers say.…
Beijing wants to 'seize the initiative in the international competition in cyberspace' Chinese authorities on Thursday certified the China Environment for Network Innovation (CENI), a vast research network that Beijing hopes will propel the country to the forefront of networking research.…
China turns on a vast experimental network it says is an heir to ARPANET
Beijing wants to 'seize the initiative in the international competition in cyberspace' Chinese authorities on Thursday certified the China Environment for Network Innovation (CENI), a vast research network that Beijing hopes will propel the country to the forefront of networking research.…
go.theregister.com
December 19, 2025 at 3:30 AM
Beijing wants to 'seize the initiative in the international competition in cyberspace' Chinese authorities on Thursday certified the China Environment for Network Innovation (CENI), a vast research network that Beijing hopes will propel the country to the forefront of networking research.…
Plus: Lazarus Group has a brand new BeaverTail Even Amazon isn't immune to North Korean scammers who try to score remote jobs at tech companies so they can funnel their wages to Kim Jong Un's coffers.…
Amazon blocked 1,800 suspected North Korean scammers seeking jobs
Plus: Lazarus Group has a brand new BeaverTail Even Amazon isn't immune to North Korean scammers who try to score remote jobs at tech companies so they can funnel their wages to Kim Jong Un's coffers.…
go.theregister.com
December 19, 2025 at 12:31 AM
Plus: Lazarus Group has a brand new BeaverTail Even Amazon isn't immune to North Korean scammers who try to score remote jobs at tech companies so they can funnel their wages to Kim Jong Un's coffers.…
ByBit attack doing some seriously heavy lifting North Korea's yearly cryptocurrency thefts have accelerated, with Kim's state-backed cybercriminals plundering just over $2 billion worth of tokens in 2025.…
Kim's crypto thieving reached a record $2B in 2025
ByBit attack doing some seriously heavy lifting North Korea's yearly cryptocurrency thefts have accelerated, with Kim's state-backed cybercriminals plundering just over $2 billion worth of tokens in 2025.…
go.theregister.com
December 18, 2025 at 6:30 PM
ByBit attack doing some seriously heavy lifting North Korea's yearly cryptocurrency thefts have accelerated, with Kim's state-backed cybercriminals plundering just over $2 billion worth of tokens in 2025.…
Flaw in remote-access appliance lets attackers chain bugs for root-level takeover SonicWall has warned customers of a zero-day flaw in its SMA 1000 remote-access appliance that's being actively exploited, potentially allowing attackers to escalate privileges and take over boxes.…
Another bad week for SonicWall as SMA 1000 zero-day under active exploit
Flaw in remote-access appliance lets attackers chain bugs for root-level takeover SonicWall has warned customers of a zero-day flaw in its SMA 1000 remote-access appliance that's being actively exploited, potentially allowing attackers to escalate privileges and take over boxes.…
go.theregister.com
December 18, 2025 at 3:30 PM
Flaw in remote-access appliance lets attackers chain bugs for root-level takeover SonicWall has warned customers of a zero-day flaw in its SMA 1000 remote-access appliance that's being actively exploited, potentially allowing attackers to escalate privileges and take over boxes.…
Justice Department claims unlicensed exchange funneled ransomware profits US feds have dismantled a crypto laundering service that they say helped cybercrooks wash tens of millions of dollars in dirty digital cash, seizing its servers and unsealing charges against an alleged Russian operator.…
FBI dismantles alleged $70M crypto laundering operation
Justice Department claims unlicensed exchange funneled ransomware profits US feds have dismantled a crypto laundering service that they say helped cybercrooks wash tens of millions of dollars in dirty digital cash, seizing its servers and unsealing charges against an alleged Russian operator.…
go.theregister.com
December 18, 2025 at 2:30 PM
Justice Department claims unlicensed exchange funneled ransomware profits US feds have dismantled a crypto laundering service that they say helped cybercrooks wash tens of millions of dollars in dirty digital cash, seizing its servers and unsealing charges against an alleged Russian operator.…
Around 2,000 GP practices use its products An NHS tech supplier is investigating a cyberattack that affected its systems in the early hours of Sunday.…
NHS tech supplier probes cyberattack on internal systems
Around 2,000 GP practices use its products An NHS tech supplier is investigating a cyberattack that affected its systems in the early hours of Sunday.…
go.theregister.com
December 18, 2025 at 1:30 PM
Around 2,000 GP practices use its products An NHS tech supplier is investigating a cyberattack that affected its systems in the early hours of Sunday.…
18-year-old platform crumbles under 94M daily requests while resellers flog £62 tests for £500 The UK's Driver and Vehicle Standards Agency (DVSA) has appointed a new chief exec to tackle spiraling waits for practical driving tests with bots overrunning its aging booking system.…
DVSA's clapped-out booking system gets bot slapped as new boss rides in
18-year-old platform crumbles under 94M daily requests while resellers flog £62 tests for £500 The UK's Driver and Vehicle Standards Agency (DVSA) has appointed a new chief exec to tackle spiraling waits for practical driving tests with bots overrunning its aging booking system.…
go.theregister.com
December 18, 2025 at 10:30 AM
18-year-old platform crumbles under 94M daily requests while resellers flog £62 tests for £500 The UK's Driver and Vehicle Standards Agency (DVSA) has appointed a new chief exec to tackle spiraling waits for practical driving tests with bots overrunning its aging booking system.…
Investigatory Powers Commissioner says reforms have failed to close oversight gaps The UK's Investigatory Powers Act 2016 (IPA) has several regulatory gaps that must be plugged in future legislative reforms, according to Investigatory Powers Commissioner (IPC) Sir Brian Leveson.…
UK surveillance law still full of holes, watchdog warns
Investigatory Powers Commissioner says reforms have failed to close oversight gaps The UK's Investigatory Powers Act 2016 (IPA) has several regulatory gaps that must be plugged in future legislative reforms, according to Investigatory Powers Commissioner (IPC) Sir Brian Leveson.…
go.theregister.com
December 18, 2025 at 9:30 AM
Investigatory Powers Commissioner says reforms have failed to close oversight gaps The UK's Investigatory Powers Act 2016 (IPA) has several regulatory gaps that must be plugged in future legislative reforms, according to Investigatory Powers Commissioner (IPC) Sir Brian Leveson.…
No timeline for a patch Suspected Chinese-government-linked threat actors have been battering a maximum-severity Cisco AsyncOS zero-day vulnerability in some Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances for nearly a month, and there's no timeline for a fix.…
Attacks pummeling Cisco AsyncOS 0-day since late November
No timeline for a patch Suspected Chinese-government-linked threat actors have been battering a maximum-severity Cisco AsyncOS zero-day vulnerability in some Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances for nearly a month, and there's no timeline for a fix.…
go.theregister.com
December 17, 2025 at 11:30 PM
No timeline for a patch Suspected Chinese-government-linked threat actors have been battering a maximum-severity Cisco AsyncOS zero-day vulnerability in some Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances for nearly a month, and there's no timeline for a fix.…
Regulator makes various additional demands over alleged cybersecurity failings In proposing a settlement agreement, the Federal Trade Commission (FTC) says that Illusory Systems must repay users funds lost in a 2022 cyberattack.…
Blockchain company Nomad to repay users under FTC deal after $186M cyberattack
Regulator makes various additional demands over alleged cybersecurity failings In proposing a settlement agreement, the Federal Trade Commission (FTC) says that Illusory Systems must repay users funds lost in a 2022 cyberattack.…
go.theregister.com
December 17, 2025 at 4:30 PM
Regulator makes various additional demands over alleged cybersecurity failings In proposing a settlement agreement, the Federal Trade Commission (FTC) says that Illusory Systems must repay users funds lost in a 2022 cyberattack.…
Folder permission changes cause queue failures and misleading error messages, no real fix yet Microsoft has good news for administrators: while some organizations now pay for security updates on older Windows versions, the inconsistent quality remains free.…
Microsoft security updates breaks MSMQ on older Win systems
Folder permission changes cause queue failures and misleading error messages, no real fix yet Microsoft has good news for administrators: while some organizations now pay for security updates on older Windows versions, the inconsistent quality remains free.…
go.theregister.com
December 17, 2025 at 2:30 PM
Folder permission changes cause queue failures and misleading error messages, no real fix yet Microsoft has good news for administrators: while some organizations now pay for security updates on older Windows versions, the inconsistent quality remains free.…
Misconfigured servers are in, 0-days out Chinese espionage crew Ink Dragon has expanded its snooping activities into European government networks, using compromised servers to create illicit relay nodes for future operations.…
China's Ink Dragon hides out in European government networks
Misconfigured servers are in, 0-days out Chinese espionage crew Ink Dragon has expanded its snooping activities into European government networks, using compromised servers to create illicit relay nodes for future operations.…
go.theregister.com
December 16, 2025 at 11:30 PM
Misconfigured servers are in, 0-days out Chinese espionage crew Ink Dragon has expanded its snooping activities into European government networks, using compromised servers to create illicit relay nodes for future operations.…