Reflections on coaching, collaboration, and the pursuit of excellence in cyber security Partner Content From 6th to 10th October 2025, ten exceptional cyber enthusiasts proudly flew the flag for the United Kingdom in the European Cyber Security Challenge (ECSC), held this year in the vibrant setting of Poland.... [...]
The shoemaker’s children have new friends The International Association for Cryptologic Research will run a second election for new board members and other officers, after it was unable to complete its first poll due to a lost encryption key.... [...]
PLUS: Manga publishers win Cloudflare copyright case; India, EU to link payment systems; Storm over Australia’s weather website; And more! Asia In Brief Infosys co-founder Narayana Murthy has suggested Indian citizens should work 72-hour weeks, up from his previous target of 70 hours.... [...]
PLUS: CISA issues drone warning; China-linked DNS-hijacking malware; Prison for BTC Samourai; And more Infosec In Brief Researchers have urged users of the glob file pattern matching library to update their installations, after discovery of a years-old remote code execution flaw in the tool's CLI.... [...]
Shiny talks to The Reg EXCLUSIVE ShinyHunters has claimed responsibility for the Gainsight breach that allowed the data thieves to snarf data from hundreds more Salesforce customers.... [...]
Prosecutors say front companies, falsified paperwork, and overseas drop points used to dodge US export rules Four people have been charged in the US with plotting to funnel restricted Nvidia AI chips into China, allegedly relying on shell firms, fake invoices, and covert routing to slip cutting-edge GPUs past …
UK cops trace street-level crime to sanctions-busting networks tied to Moscow's war economy On Christmas Day 2024, a Russian-linked laundering network bought itself a very special present: a controlling stake in a Kyrgyzstan bank, later used to wash cybercrime profits and funnel money into Moscow's war machine, according to …
A multi-layered security framework protecting large-model applications from adversarial threats, data leakage, API abuse, and content risks Partner Content At MWC Shanghai 2025, ZTE has officially launched its ZXCSec MAF product, a dedicated application-layer security protection device specifically designed for large model services.... [...]
Relies on very loose permissions, but don’t worry – Google wrote it in Rust Google has linked Android’s wireless peer-to-peer file sharing tool Quick Share to Apple’s equivalent AirDrop.... [...]
Company 'clearly delighted' with the outcome The US Securities and Exchange Commission (SEC) has abandoned the lawsuit it pursued against SolarWinds and its chief infosec officer for misleading investors about security practices that led to the 2020 SUNBURST attack.... [...]
They keep coming back for more Salesforce has disclosed another third-party breach in which criminals - likely ShinyHunters (again) - may have accessed hundreds of its customers' data.... [...]
Researchers tried to get ChatGPT to do evil, but it didn't do a good job LLMs are getting better at writing malware - but they're still not ready for prime time.... [...]
PowerShell script locked thousands of workers out of their accounts An Ohio IT contractor has pleaded guilty to breaking into his former employer's systems and causing nearly $1 million worth of damage after being fired.... [...]
Networking vendor claims rival helped portray it as a national-security risk in the US TP-Link is suing rival networking vendor Netgear, alleging that the rival and its CEO carried out a smear campaign by falsely suggesting, it says, that the biz had been infiltrated by the Chinese government.... [...]
Privacy cops say attack wasn't just bad luck but a result of sloppy homework Canadian privacy watchdogs say that school boards must shoulder part of the blame for the PowerSchool mega-breach, not just the ed-tech giant that lost control of millions of student and staff records.... [...]
GlobalProtect login endpoints targeted, sparking concern that something bigger may be brewing Malicious traffic targeting Palo Alto Networks' GlobalProtect portals surged almost 40-fold in the space of 24 hours, hitting a 90-day high and putting defenders on alert for whatever comes next.... [...]
Company thinks you’ll contemplate replacing most security kit in the next few years to stay safe Palo Alto Networks CEO Nikesh Arora has suggested hostile nation-states will possess quantum computers in 2029, or even a little earlier, at which point most security appliances will need to be replaced …
‘Bulletproof’ hosts partly dodged the last attack of this sort Cybercrime fighters in the US, UK, and Australia have imposed sanctions on several Russia-linked entities they claim provide hosting services to ransomware gangs Lockbit, BlackSuit, and Play.... [...]
Attackers may be joining the dots to enable unauthenticated RCE Fortinet has confirmed that another flaw in its FortiWeb web application firewall has been exploited as a zero-day and issued a patch, just days after disclosing a critical bug in the same product that attackers had found and abused …
And companies are getting caught in the crossfire interview Warfare has become a joint cyber-kinetic endeavor, with nations using cyber operations to scope out targets before launching missiles. And private companies, including shipping, transportation, and electronics manufacturers, are getting caught in the crossfire, according to Amazon.... [...]
Two-day exploit opened up 3.5 billion users to myriad potential harms Researchers in Austria used a flaw in WhatsApp to gather the personal data of more than 3.5 billion users in what they believe amounts to the "largest data leak in history."... [...]
Researchers say attacks are laying the groundwork for stealthy espionage activity Around 50,000 ASUS routers have been compromised in a sophisticated attack that researchers believe may be linked to China, according to findings released today by SecurityScorecard's STRIKE team.... [...]
The C-suite will have zero interest in zero trust without a good business case Partner Content In today's enterprise environment, technology investments are no longer judged solely by their technical sophistication. Approval depends on their ability to support business goals, mitigate risk, and create value for shareholders. CIOs and …
MI5 sounds the alarm about attempts to source sensitive information Chinese spies are using social media and fake recruitment agents to recruit sources with access to sensitive information in the UK.... [...]
Using AI to attack AI Malefactors are actively attacking internet-facing Ray clusters and abusing the open source AI framework to spread a self-replicating botnet that mines for cryptocurrency, steals data, and launches distributed denial of service (DDoS) attacks.... [...]