Wired writes (alternate source ): Security researchers at Google on Tuesday released a report describing what they’re calling “Coruna,” a highly sophisticated iPhone hacking toolkit that includes five complete hacking techniques capable of bypassing all the defenses of an iPhone to silently install malware on a device when it …
Internet security watchdog Shadowserver has found over 14,000 BIG-IP APM instances exposed online amid ongoing attacks exploiting a critical-severity remote code execution (RCE) vulnerability. [...]
Connected devices can leave an otherwise secure network vulnerable Pwned Welcome to Pwned, The Register's new column, where we highlight the worst infosec own goals so you can, hopefully, protect against them. Caffeine is an essential tool for most IT defenders, so, on balance, we're sure it has protected …
First public downstream victim, but won't be the last AI hiring startup Mercor confirmed it was "one of thousands of companies" affected by the LiteLLM supply-chain attack as the fallout from the Trivy compromise continues to spread.... [...]
A new malware-as-a-service called CrystalRAT is being promoted on Telegram, offering remote access, data theft, keylogging, and clipboard hijacking capabilities. [...]
Apple has now made it possible for more iPhones still running iOS 18 to receive security updates that protect against the actively exploited DarkSword exploit kit. [...]
Hackers have targeted TrueConf conference servers in attacks that exploit a zero-day vulnerability, allowing them to execute arbitrary files on all connected endpoints. [...]
Plus: how to train your human AI interview Amazon has seen a 40 percent efficiency gain by using AI tools to pentest its products before and after launch, according to security chief CJ Moses.... [...]
A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft accounts and provide advanced features for business email compromise attacks. [...]
A new Android malware named NoVoice was found on Google Play, hidden in more than 50 apps that were downloaded at least 2.3 million times. [...]
The 2026 US “ Cyber Strategy for America ” document is mostly the same thing we’ve seen out of the White House for over a decade, but with a more aggressive tone. But one sentence stood out: “We will unleash the private sector by creating incentives to identify and disrupt …
We could tell you no for free The UK government will spend about £630,000 running a discussion panel on its digital identity card plans, which minister James Frith said will "consider different perspectives and debate trade-offs" alongside a formal consultation.... [...]
Modern intrusions increasingly start with valid credentials and routine access, not exploits. Blackpoint Cyber's upcoming threat report shows how VPN abuse, RMM tools, and social engineering drive most incidents. [...]
The U.S. Federal Bureau of Investigation (FBI) warned Americans against using foreign-developed mobile applications, particularly those created by Chinese developers. [...]
Google has fixed the fourth Chrome vulnerability exploited in zero-day attacks since the start of the year. [...]
Last week, I listened to a fascinating talk by K. Melton on cognitive security, cognitive hacking, and reality pentesting. The slides from the talk are here, but—even better—Menton has a long essay laying out the basic concepts and ideas. The whole thing is important and well worth …
ESET says factory outages, lost revenue, and supply chain disruption are becoming routine Nearly 80 percent of British manufacturers say they've been hit by a cyber incident in the past year, as new research suggests disruption on the factory floor is no longer an exception but business as usual …
Google announced that the AI-powered Google Drive ransomware detection feature has reached general availability and is now enabled by default for all paying users. [...]
Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no customer data or credentials were exposed. [...]
Proton has announced a new video conferencing service named Meet and positioned it as a privacy-focused alternative to mainstream services like Google Meet, Zoom, and Microsoft Teams. [...]
The GIGABYTE Control Center is vulnerable to an arbitrary file-write flaw that could allow a remote, unauthenticated attacker to access files on vulnerable hosts. [...]
Vulnerabilities in the Vim and GNU Emacs text editors, discovered using simple prompts with the Claude assistant, allow remote code execution simply by opening a file. [...]
How to avoid social engineering attacks? Employee training tops the list Be careful what you click on. Miscreants are abusing WhatsApp messages in a multi-stage attack that delivers malicious Microsoft Installer (MSI) packages, allowing criminals to control victims' machines and access all of their data.... [...]
We’re excited to announce the release of our latest compliance guide, ISO/IEC 27001:2022 on AWS, which provides practical guidance for organizations designing and operating an Information Security Management System (ISMS) using AWS services. As organizations migrate critical workloads to the cloud, aligning with globally recognized standards …
Researchers say some targets correlate with cities hit by Iranian missile strikes Suspected Iran-linked threat actors are conducting password-spraying attacks against hundreds of organizations, primarily Middle Eastern municipalities, in campaigns that security researchers believe may have been aimed at supporting bomb-damage assessment following missile strikes.... [...]
Building a utility-scale quantum computer that can crack one of the most vital cryptosystems—elliptic curves—doesn’t require nearly the resources anticipated just a year or two ago, two independently written whitepapers have concluded. In one, researchers demonstrated the use of neutral atoms as reconfigurable qubits that have …
Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development environment and steal source code belonging to the company and its customers. [...]
AWS Security Agent on-demand penetration testing is now generally available, enabling you to run comprehensive security tests across all your applications, not only your most critical ones. This milestone transforms penetration testing from a periodic bottleneck into an on-demand capability that scales with your development velocity across AWS, Azure …
AI agent risk isn't equal, it scales with access to systems and level of autonomy. Token Security explains how CISOs should categorize agents and prioritize what to secure first. [...]
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. [...]
Charles Bennett and Gilles Brassard have won the 2026 Turing Award for inventing quantum cryptography. I am incredibly pleased to see them get this recognition. I have always thought the technology to be fantastic, even though I think it’s largely unnecessary. I wrote up my thoughts back in …
Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios One of npm's most widely used HTTP client libraries briefly became a malware delivery vehicle after attackers hijacked a maintainer's account and slipped a remote-access trojan (RAT) into two seemingly legitimate axios releases, in what's being described as …
U.S. prosecutors have charged a Maryland man with stealing more than $53 million after hacking the Uranium Finance crypto exchange twice and laundering the proceeds through a cryptocurrency mixer. [...]
The Dutch Ministry of Finance took some of its systems offline, including the digital portal for treasury banking, while investigating a cyberattack detected two weeks ago. [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their Citrix NetScaler appliances against an actively exploited vulnerability by Thursday. [...]
Healthcare IT firm CareCloud has disclosed a data breach incident that exposed sensitive data and caused a network disruption lasting approximately eight hours. [...]
A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to other systems on the network. [...]
Check Point says outbound controls blocked web traffic but overlooked DNS OpenAI talks up data security for its AI services, yet Check Point says that ChatGPT allowed data to leak through a DNS side channel before the flaw was fixed.... [...]
Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler Gateway appliances to obtain sensitive data. [...]
Also, EU probes Snapchat, RedLine suspect extradited, AstraZeneca leak claim surfaces, and more infosec in brief The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package versions to PyPI in an effort to plant credential-stealing malware on developers’ systems.... [...]
Welcome to the second Cloud CISO Perspectives for March 2026. Today, Nick Godfrey details his conversation with Francis deSouza at RSA Conference, and how it’s part of our approach to bold and responsible AI use. As with all Cloud CISO Perspectives, the contents of this newsletter are posted …
Apple has introduced a security feature in macOS Tahoe 26.4 that blocks pasting and executing potentially harmful commands in Terminal and alerts users to possible risks. [...]
AI SOC agents can reduce alert fatigue, but most teams fail to measure real outcomes. Prophet Security breaks down Gartner's questions for evaluating AI SOC agents and separating real impact from hype. [...]
Researchers say attackers are already looting vulnerable boxes In-the-wild exploitation of a critical Citrix NetScaler bug has begun less than a week after disclosure, with researchers warning that attackers are already poking and pillaging vulnerable boxes.... [...]
A thoughtful review of Apple’s system to alert users that the camera is on. It’s really well-designed, and important in a world where malware could surreptitiously start recording. The reason it’s tempting to think that a dedicated camera indicator light is more secure than an on-display …
F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on unpatched devices. [...]
Brussels notifying 'Union entities' whose data may've been snatched in websites breach The European Commission has admitted that attackers broke into its public-facing web infrastructure and siphoned off data in a bare-bones disclosure that answers the what but ducks most of the how.... [...]
Attackers are now actively exploiting a critical vulnerability in Fortinet's FortiClient EMS platform, according to threat intelligence company Defused. [...]
Career-limiting stupidity and rudeness exposed, with terminal consequences Who, Me? The week before Easter may be a short one for many in the Reg -reading world, but that won't stop us from opening it with a fresh installment of Who, Me? It's the reader-contributed column in which you share …
The European Commission has confirmed a data breach after its Europa.eu web platform was hacked in a cyberattack claimed by the ShinyHunters extortion gang. [...]