Dirty Frag, Copy Fail, Fragnesia: The start of a worrisome Linux security trend
Or is it just life today, with AI constantly digging through code repositories in search of security holes? [...]
Showing only posts in The Register. Show all posts.
A Russian speaker and jailbroken Gemini went on a hacking spree and emptied at least one MAGA victim's crypto wallets
Hey, Gemini, how much can we earn from one pump-and-dump cycle? [...]
Megalodon chums the waters in 5.5K+ GitHub repo poisonings
Will Jason Statham save us? [...]
Techie claims Trump Mobile website was leaking thousands of people's data
Customers' info potentially handed to anyone who could send an HTTP request [...]
Cisco used AI to write security incident reports, with mixed results
You’ll need a lot of detailed prompts to get solid output - and even then it may have errors and typos [...]
Dems slam Trump for making cybersecurity hold out the tin cup while splurging on ballroom and Jan. 6 'slush fund'
'Budgets are moral documents,' Rep. Delia Ramirez said [...]
Threat hunters find Google API keys still usable 23 minutes after deletion
Plenty of time for bad actors to grab data or hit you with a giant bill [...]
HackerOne takes an axe to its bug bounty rewards
Critical flaw payouts slashed by more than 75% [...]
Attackers spill plaintext passwords of 46k Myspace93 users after 2021 breach
Leakage blamed on treacherous friends exposed unencrypted credentials, email addresses [...]
Cisco serves up yet another perfect 10 bug with Secure Workload admin flaw
Switchzilla says attackers could access sensitive data and make configuration changes across tenant boundaries through vulnerable internal APIs [...]
Microsoft storms RAMPART, adds Clarity to agentic AI safety
Redmond open sources two tools for building and maintaining safer agents [...]
Zombie user account let hackers control the city’s water
Failing to disable a former employee’s account was a huge mistake [...]
Even Claude agrees: hole in its sandbox was real and dangerous
Another day, another AI bug silently fixed with no CVE and no public disclosure [...]
GitHub says internal repos exfiltrated after poisoned VS Code extension attack
Initial assessment says customer data spared while users wonder what else may have slipped out [...]
London's police asked Big Tech for comms data over 700,000 times last year
A Freedom of Information Act request shows the extent of the surveillance [...]
Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware
'Thousands' of US victims, including 12+ machines owned and operated by Redmond [...]
America's top cyber-defense agency left a GitHub repo open with passwords, keys, tokens – and incredibly obvious filenames
I wonder what's in 'external-secret-repo-creds.yaml' and 'AWS-Workspace-Firefox-Passwords.csv'? [...]
America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames
I wonder what's in 'external-secret-repo-creds.yaml' and 'AWS-Workspace-Firefox-Passwords.csv'? [...]
Clear your calendar, Drupal user: You have a critically urgent patch to install
The org’s staying mum on the details, but Wednesday’s fixes reach back to unsupported 8.9 branches [...]
Do fear the Reaper - stealer swipes macOS users' passwords, wallets, then backdoors them
While also spoofing all the trusted domains - Apple, Microsoft, and Google - in the same attack [...]
Shai-Hulud copycat worm infects yet another npm package
Plus three other stealers in three other packages, all from the same scumbag [...]
Linux kernel flaw opens root-only files to unprivileged users
Plus ModuleJail, a radical proposal for minimizing the impact of similar bugs [...]
TanStack weighs invitation-only pull requests after supply chain attack
Shai-Hulud worm exploited GitHub Actions misconfiguration to poison shared cache, now project weighing nuclear option on unsolicited contributions [...]
NGINX Rift attackers waste no time targeting exposed servers
Researchers say 18-year-old flaw already being probed and exploited just days after disclosure [...]
Poland directs officials to ditch Signal in favor of 'secure' state-developed alternative
Shift comes amid mounting reports of successful social engineering attacks targeting higher-ups in government [...]
« newer articles | page 5 | older articles »