Seemingly complex strings are actually highly predictable, crackable within hours Generative AI tools are surprisingly poor at suggesting strong passwords, experts say.... [...]

Miscreants will need to find another avenue for malware shenanigans Notepad++ has continued beefing up security with a release the project's author claims makes the "update process robust and effectively unexploitable."... [...]

No worries if the US doesn't want to be friends with Europe anymore Lockheed Martin's F-35 fighter aircraft can be jailbroken "just like an iPhone," the Netherlands' defense secretary has claimed.... [...]

CEO lauds security researchers, insists they're not 'inputs' HackerOne has clarified its stance on GenAI after researchers fretted their submissions were being used to train its models.... [...]

Sees little enterprise AI adoption other than coding assistants, buys Koi for what comes next If enterprises are implementing AI, they’re not showing it to Palo Alto Networks CEO Nikesh Arora, who on Tuesday said business adoption of the tech lags consumer take-up by at least a couple …

Full scale of infections remains 'unknown' China-linked attackers exploited a maximum-severity hardcoded-credential bug in Dell RecoverPoint for Virtual Machines as a zero-day since at least mid-2024. It's all part of a long-running effort to backdoor infected machines for long-term access, according to Google's Mandiant incident response team.... [...]

Plus 3 new goon squads targeted critical infrastructure last year Three new threat groups began targeting critical infrastructure last year, while a well-known Beijing-backed crew - Volt Typhoon - continued to compromise cellular gateways and routers, and then break into US electric, oil, and gas companies in 2025, according to Dragos' …

Keep behavioral tracking American? PC giant says the claim is 'false' A US law firm has accused Lenovo of violating Justice Department strictures about the bulk transfer of data to foreign adversaries, namely China.... [...]

Police say seized kit contained logins, passwords, and server IP addresses Polish police have arrested and charged a man over ties to the Phobos ransomware group following a property raid.... [...]

Digital burglaries remain routine, and data shows most corps still don't stick to basic infosec standards Britain is telling businesses to "lock the door" on cybercrims as new government data suggests most still haven't even found the latch.... [...]

Social media platform’s legal eagles prepare to fight ever-growing number of countries The Irish Data Protection Commission (DPC) is the latest regulator to open an investigation into Elon Musk's X following repeated reports of harmful image generation by the platform's Grok AI chatbot.... [...]

Top brass splash cash on acoustic targeting, hypersonic missiles...and Red Hat Keir Starmer could ramp up the UK's defense spending plans faster than planned as the MoD reeled off new purchases for Britain's armed forces.... [...]

Fashion brand latest to succumb to ShinyHunters' tricks Canada Goose says an advertised breach of 600,000 records is an old raid and there are no signs of a recent compromise.... [...]

Bungled link handed over sensitive docs, and when recipient didn't cooperate, police opted for cuffs Dutch police have arrested a man for "computer hacking" after accidentally handing him their own sensitive files and then getting annoyed when he didn't hand them back.... [...]

Researchers demo weaknesses affecting some of the most popular options Academics say they found a series of flaws affecting three popular password managers, all of which claim to protect user credentials in the event that their servers are compromised.... [...]

Free beer is great. Securing the keg costs money fosdem 2026 Open source registries are in financial peril, a co-founder of an open source security foundation warned after inspecting their books. And it's not just the bandwidth costs that are killing them.... [...]

High-severity CSS flaw let malicious webpages run code inside the sandbox Google has quietly pushed out an emergency Chrome fix after attackers were caught exploiting the browser's first reported zero-day of 2026.... [...]

PLUS: India demands two-hour deepfake takedowns; Singapore embraces AI; Japanese robot wolf gets cuddly; And more Asia In Brief The United States may be about to change its policies regarding Chinese technology companies.... [...]

PLUS: Fake ransomware group exposed; EC blesses Google's big Wiz deal; Alleged sewage hacker cuffed; And more Infosec in Brief The former General Manager of defense contractor L3Harris’s cyber subsidiary Trenchant sold eight zero-day exploit kits to Russia, according to a court filing last week.... [...]

As if admins haven't had enough to do this week Ignore patches at your own risk. According to Uncle Sam, a SQL injection flaw in Microsoft Configuration Manager patched in October 2024 is now being actively exploited, exposing unpatched businesses and government agencies to attack.... [...]

Names, addresses, bank account numbers accessed – but biz insists passwords and call data untouched The Netherlands' largest mobile network operator (MNO) has admitted that a breach of its customer contact system may have affected around 6.2 million people.... [...]

Years later, he read about his antagonist doing time for murder On Call Welcome to another installment of On Call, The Register's weekly reader-contributed column that tells your tech support tales.... [...]

Are you a good bot or a bad bot? More than 30 malicious Chrome extensions installed by at least 260,000 users purport to be helpful AI assistants, but they steal users' API keys, email messages, and other personal data. Even worse: many of these are still available on …

As if snooping on your workers wasn't bad enough Your supervisor may like using employee monitoring apps to keep tabs on you, but crims like the snooping software even more. Threat actors are now using legit bossware to blend into corporate networks and attempt ransomware deployment.... [...]

Flaw abused 'in an extremely sophisticated attack against specific targeted individuals' Apple patched a zero-day vulnerability affecting every iOS version since 1.0, used in what the company calls an "extremely sophisticated attack" against targeted individuals.... [...]