Atlassian, RingCentral, ZoomInfo also among tech targets ShinyHunters has targeted around 100 organizations in its latest Okta single sign-on (SSO) credential stealing campaign, according to researchers and the criminal group itself.... [...]
A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V) script to ultimately deliver the Amatera infostealing malware. [...]
From the Department of Bizarre Anomalies: Microsoft has suppressed an unexplained anomaly on its network that was routing traffic destined to example.com—a domain reserved for testing purposes—to a maker of electronics cables located in Japan. Under the RFC2606 —an official standard maintained by the Internet Engineering …
Amazon Web Services (AWS) recommends using AWS IAM Identity Center to provide your workforce access to AWS managed applications—such as Amazon Q Developer—and AWS accounts. Today, we announced IAM Identity Center support for IPv6. To learn more about the advantages of IPv6, visit the IPv6 product page …
Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks. [...]
Amazon Web Services (AWS) is pleased to announce the successful completion of Payment Card Industry Personal Identification Number (PCI PIN) audit for the AWS CloudHSM service. With CloudHSM, you can manage and access your keys on FIPS 140-3 Level 3 validated hardware, protected with customer-owned, single-tenant hardware security module …
Cloudflare has shared more details about a recent 25-minute Border Gateway Protocol (BGP) route leak affecting IPv6 traffic, which caused measurable congestion, packet loss, and approximately 12 Gbps of dropped traffic. [...]
The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they’d compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software that comes pre-installed on many Android TV streaming boxes …
Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils telnetd server. [...]
Okta misconfigurations can quietly weaken identity security as SaaS environments evolve. Nudge Security shows six Okta security settings teams often overlook and how to fix them. [...]
The defense mechanisms that NPM introduced after the 'Shai-Hulud' supply-chain attacks have weaknesses that allow threat actors to bypass them via Git dependencies. [...]
Probe follows outcry over use of creepy image generation tool The European Commission has launched an investigation into X amid concerns that its GenAI model Grok offered users the ability to generate sexually explicit imagery, including sexualized images of children.... [...]
US sports brand launches probe after extortion crew WorldLeaks claims it stole huge dataset Nike says it is probing a possible breach after extortion crew WorldLeaks claimed to have lifted 1.4TB of internal data from the sportswear giant and posted samples on its leak site.... [...]
This is coming : The Irish government is planning to bolster its police’s ability to intercept communications, including encrypted messages, and provide a legal basis for spyware use. [...]
Cyber sleuths believe Sandworm up to its old tricks with a brand-new sabotage toy Russia was probably behind the failed attempts to compromise the systems of Poland's power companies in December, cybersecurity researchers claim.... [...]
CISA has flagged a critical VMware vCenter Server vulnerability as actively exploited and ordered U.S. federal agencies to secure their servers within three weeks. [...]
Big Red says 'sovereign' platform supports decision-making and operational learning at sea Britain's Royal Navy is using Oracle Cloud edge infrastructure to operate AI-driven defenses on the aircraft carrier HMS Prince of Wales.... [...]
Minister dodges cost questions while promising smartphone-free access and 'robust' verification The UK government has revealed some thinking about digital identity in response to written questions from MPs, while continuing to say next to nothing about the scheme's cost.... [...]
A headline feature introduced in the latest release of Windows 11, 25H2 is Administrator Protection. The goal of this feature is to replace User Account Control (UAC) with a more robust and importantly, securable system to allow a local user to access administrator privileges only when necessary. This blog …
Also, cybercriminals get breached, Gemini spills the calendar beans, and more infosec in brief T'was a dark few days for automotive software systems last week, as the third annual Pwn2Own Automotive competition uncovered 76 unique zero-day vulnerabilities in targets ranging from Tesla infotainment to EV chargers.... [...]
The 1Password digital vault and password manager has added built-in protection against phishing URLs to help users identify malicious pages and prevent them from sharing account credentials with threat actors. [...]
A cyberattack targeting Poland's power grid in late December 2025 has been linked to the Russian state-sponsored hacking group Sandworm, which attempted to deploy a new destructive data-wiping malware dubbed DynoWiper during the attack.. [...]
The North Korean hacker group Konni (Opal Sleet, TA406) is using AI-generated PowerShell malware to target developers and engineers in the blockchain sector. [...]
Drone, satellite, and other data combined to monitor unwanted vessels The UK Home Office is spending up to £100 million on intelligence tech in part to tackle the so-called "small boats" issue of refugees and irregular immigrants coming across the English Channel.... [...]
But ex-CISA boss and new RSAC CEO Jen Easterly will be there exclusive The US Cybersecurity and Infrastructure Security Agency won't attend the annual RSA Conference in March, an agency spokesperson confirmed to The Register.... [...]
But ex-CISA boss and new RSAC CEO Jen Easterly will be there updated The US Cybersecurity and Infrastructure Security Agency won't attend the annual RSA Conference in March, an agency spokesperson confirmed to The Register. Sessions involving speakers from the FBI and National Security Agency (NSA) have also disappeared …
The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. [...]
The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. [...]
Amazon Web Services (AWS) is pleased to announce the successful completion of Payment Card Industry Personal Identification Number (PCI PIN) audit for the AWS Payment Cryptography service. With AWS Payment Cryptography, your payment processing applications can use payment hardware security modules (HSMs) that are PCI PIN Transaction Security (PTS …
If you skipped it back then, now’s a very good time You've got to keep your software updated. Some unknown miscreants are exploiting a critical VMware vCenter Server bug more than a year after Broadcom patched the flaw.... [...]
Spock befriends a giant space squid in the comic Star Trek: Strange New Worlds: The Seeds of Salvation #5. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. [...]
Amazon Web Services (AWS) is pleased to announce a successful completion of the 2025 Cloud Computing Compliance Criteria Catalogue (C5) attestation cycle with 183 services in scope. This alignment with C5 requirements demonstrates our ongoing commitment to adhere to the heightened expectations for cloud service providers. AWS customers in …
Amazon Web Services (AWS) is pleased to announce the expansion of GSMA Security Accreditation Scheme for Subscription Management (SAS-SM) certification to four new AWS Regions: US West (Oregon), Europe (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Singapore). Additionally, the AWS US East (Ohio) and Europe (Paris) Regions have been …
If you're serious about encryption, keep control of your encryption keys updated If you think using Microsoft's BitLocker encryption will keep your data 100 percent safe, think again. Last year, Redmond reportedly provided the FBI with encryption keys to unlock the laptops of Windows users charged in a fraud …
Two malicious extensions in Microsoft's Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers. [...]
One of the most common questions about secrets management strategies on Amazon Web Services (AWS) is whether an organization should centralize its secrets. Though this question is often focused on whether secrets should be centrally stored, there are four aspects of centralizing the secrets management process that need to …
The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities impacting enterprise software from Versa and Zimbra, the Vite frontend tooling framework, and the Prettier code formatter. [...]
'A lot more' victims to come, we're told ShinyHunters has claimed responsibility for an Okta voice-phishing campaign during which the extortionist crew allegedly gained access to Crunchbase and Betterment.... [...]
Security chief says criminals are already automating workflows, with full end-to-end tools likely within years CISOs must prepare for "a really different world" where cybercriminals can reliably automate cyberattacks at scale, according to a senior Googler.... [...]
South Carolina federal prosecutors announced that two Venezuelan nationals convicted of stealing hundreds of thousands of dollars from U.S. banks in an ATM jackpotting scheme will be deported after serving their sentences. [...]
A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present in the GNU InetUtils telnetd server for 11 years. [...]
AI-generated code can introduce subtle security flaws when teams over-trust automated output. Intruder shows how an AI-written honeypot introduced hidden vulnerabilities that were exploited in attacks. [...]
Pwn2Own Automotive 2026 has ended with security researchers earning $1,047,000 after exploiting 76 zero-day vulnerabilities between January 21 and January 23. [...]
Fix didn't quite do the job – attackers spotted logging in Fortinet has confirmed that attackers are actively bypassing a December patch for a critical FortiCloud single sign-on (SSO) authentication flaw after customers reported suspicious logins on devices supposedly fully up to date.... [...]
Really interesting blog post from Anthropic: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates how barriers to …
Days after admins began reporting that their fully patched firewalls are being hacked, Fortinet confirmed it's working to fully address a critical FortiCloud SSO authentication bypass vulnerability that should have already been patched since early December. [...]
Direct debits? Maybe February. Birth certificates? Dream on. Council tax bills? Oh, those are coming Hammersmith & Fulham Council says payments are now being processed as usual, two months after a cyberattack that affected multiple boroughs in the UK's capital city.... [...]
Much owed to the few, but takeup is under 1% More than 15,000 former members of the UK's armed forces have successfully applied for a digital version of their veterans ID card since its launch in October, according to the Government Digital Service (GDS).... [...]
Teach a crook to phish... Criminals can more easily pull off social engineering scams and other forms of identity fraud thanks to custom voice-phishing kits being sold on dark web forums and messaging platforms.... [...]
The project developer for one of the Internet’s most popular networking tools is scrapping its vulnerability reward program after being overrun by a spike in the submission of low-quality reports, much of it AI-generated slop. “We are just a small single open source project with a small number …