Shai-Hulud copycat worm infects yet another npm package
Plus three other stealers in three other packages, all from the same scumbag [...]
Showing only posts by The Register. Show all posts.
Linux kernel flaw opens root-only files to unprivileged users
Plus ModuleJail, a radical proposal for minimizing the impact of similar bugs [...]
TanStack weighs invitation-only pull requests after supply chain attack
Shai-Hulud worm exploited GitHub Actions misconfiguration to poison shared cache, now project weighing nuclear option on unsolicited contributions [...]
NGINX Rift attackers waste no time targeting exposed servers
Researchers say 18-year-old flaw already being probed and exploited just days after disclosure [...]
Poland directs officials to ditch Signal in favor of 'secure' state-developed alternative
Shift comes amid mounting reports of successful social engineering attacks targeting higher-ups in government [...]
F-35 software delays leave UK buying time with US glide bombs
MoD says StormBreaker will plug gap until homegrown SPEAR 3 integration lands [...]
Mozilla warns UK: Breaking VPNs will not magically fix Britain's age-check mess
Firefox maker says the tools are basic security infrastructure, not teenage contraband [...]
Grafana Labs admits all its codebase are belong to someone who popped its GitHub account
No customer info stolen, no impact to operations, and no blackmail payment [...]
Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’
Multiple researchers using the same tools to find the same bugs are creating ‘unnecessary pain and pointless work’ [...]
OpenAI caught in TanStack npm supply chain chaos after employee devices compromised
Attackers stole a limited amount of internal credential material after malware hidden in poisoned packages reached two staff machines [...]
MPs want social media treated more like unsafe toys than harmless apps
Parliamentary committee tells ministers online safety regime is failing children and warns 'no action is not an option' [...]
Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data
Other than Instructure execs - maybe? [...]
Cops arrest man suspected of being Dream Market kingpin
Owe Martin Andresen faces charges in both US and Germany connected with money laundering, claims he sent gold bars directly to his doorstep [...]
Dirty Frag gets a sequel as Fragnesia hands Linux attackers root-level access
Fresh kernel flaw comes with public exploit code and continues ugly run of highly reliable privilege escalation bugs tied to memory and page-cache handling [...]
To gain root access at this company, all an intruder had to do was ask nicely
Human IT managers thought they were being nice to the boss, but were assisting a threat actor [...]
AI models are getting better at replacing cybersecurity pros on certain tasks
UK researchers find LLMs are learning to finish jobs faster and improving all the time [...]
Cisco to fire 4,000 staff and generously give them free training – on Cisco
Reducing memory requirements to control costs in a new wave of kit [...]
Welcome to the vulnpocalypse, as vendors use AI to find bugs and patches multiply like rabbits
Palo Alto Networks found and fixed 75 flaws this month, up from its usual five [...]
AWS to Quick admins: The access control didn't work, but you weren't using it anyway, so what's the problem?
If a setting fails in the forest and nobody hears it... [...]
Bug hunter tracks down three massive MCP flaws and one vendor won't fix theirs
Apache, Alibaba databases vulnerable and only one has a patch [...]
Mystery Microsoft bug leaker keeps the zero-days coming
Security pros warn YellowKey claim could make stolen laptops a much bigger problem [...]
Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub
Where it’s been well and truly forked, seemingly without Microsoft’s code locker noticing [...]
Vietnam to develop domestic cloud so it can ditch risky overseas operators for government workloads
Communist government plans personalized ‘data-driven decision-making based on real-time information’ by 2035 [...]
Doozy of a Patch Tuesday includes 30 critical Microsoft CVEs
The good news: no 0-days. The bad news: busy week ahead for Microsoft admins [...]
Foxconn confirms cyberattack after ransomware crew claims it stole confidential Apple, Nvidia files
Affected factories back up and running, we're told [...]
« newer articles | page 6 | older articles »