Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware 'Thousands' of US victims, including 12+ machines owned and operated by Redmond
America's top cyber-defense agency left a GitHub repo open with passwords, keys, tokens – and incredibly obvious filenames I wonder what's in 'external-secret-repo-creds.yaml' and 'AWS-Workspace-Firefox-Passwords.csv'?
Clear your calendar, Drupal user: You have a critically urgent patch to install The org’s staying mum on the details, but Wednesday’s fixes reach back to unsupported 8.9 branches
Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise Popular JavaScript modules including size-sensor and echarts-for-react hit as hijacked account closed GitHub warnings
Crook leaks 468k+ records, claims they pwned Portugal’s postal carrier Ordered packages via CTT? Those phishing emails could be tricky to spot
Do fear the Reaper - stealer swipes macOS users' passwords, wallets, then backdoors them While also spoofing all the trusted domains - Apple, Microsoft, and Google - in the same attack
Shai-Hulud copycat worm infects yet another npm package Plus three other stealers in three other packages, all from the same scumbag
Linux kernel flaw opens root-only files to unprivileged users Plus ModuleJail, a radical proposal for minimizing the impact of similar bugs
Dutch cops’ shame game works wonders as most wanted scammers now turned in Game Over?! gamified the identification of scammers who sought thrills from terrorising the elderly
TanStack weighs invitation-only pull requests after supply chain attack Shai-Hulud worm exploited GitHub Actions misconfiguration to poison shared cache, now project weighing nuclear option on unsolicited contributions
NGINX Rift attackers waste no time targeting exposed servers Researchers say 18-year-old flaw already being probed and exploited just days after disclosure
Poland directs officials to ditch Signal in favor of 'secure' state-developed alternative Shift comes amid mounting reports of successful social engineering attacks targeting higher-ups in government
F-35 software delays leave UK buying time with US glide bombs MoD says StormBreaker will plug gap until homegrown SPEAR 3 integration lands
Mozilla warns UK: Breaking VPNs will not magically fix Britain's age-check mess Firefox maker says the tools are basic security infrastructure, not teenage contraband
Grafana Labs admits all its codebase are belong to someone who popped its GitHub account No customer info stolen, no impact to operations, and no blackmail payment
Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’ Multiple researchers using the same tools to find the same bugs are creating ‘unnecessary pain and pointless work’
Patch time for Cisco SD-WAN admins as vendor drops yet another make-me-admin zero-day CISA hands feds super-tight deadline for this perfect-10, actively exploited flaw
OpenAI caught in TanStack npm supply chain chaos after employee devices compromised Attackers stole a limited amount of internal credential material after malware hidden in poisoned packages reached two staff machines
MPs want social media treated more like unsafe toys than harmless apps Parliamentary committee tells ministers online safety regime is failing children and warns 'no action is not an option'
Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data Other than Instructure execs - maybe?
Cops arrest man suspected of being Dream Market kingpin Owe Martin Andresen faces charges in both US and Germany connected with money laundering, claims he sent gold bars directly to his doorstep
Dirty Frag gets a sequel as Fragnesia hands Linux attackers root-level access Fresh kernel flaw comes with public exploit code and continues ugly run of highly reliable privilege escalation bugs tied to memory and page-cache handling
To gain root access at this company, all an intruder had to do was ask nicely Human IT managers thought they were being nice to the boss, but were assisting a threat actor
AI models are getting better at replacing cybersecurity pros on certain tasks UK researchers find LLMs are learning to finish jobs faster and improving all the time
Cisco to fire 4,000 staff and generously give them free training – on Cisco Reducing memory requirements to control costs in a new wave of kit
Welcome to the vulnpocalypse, as vendors use AI to find bugs and patches multiply like rabbits Palo Alto Networks found and fixed 75 flaws this month, up from its usual five
AWS to Quick admins: The access control didn't work, but you weren't using it anyway, so what's the problem? If a setting fails in the forest and nobody hears it ...
Bug hunter tracks down three massive MCP flaws and one vendor won't fix theirs Apache, Alibaba databases vulnerable and only one has a patch
Mystery Microsoft bug leaker keeps the zero-days coming Security pros warn YellowKey claim could make stolen laptops a much bigger problem
Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub Where it’s been well and truly forked, seemingly without Microsoft’s code locker noticing
Vietnam to develop domestic cloud so it can ditch risky overseas operators for government workloads Communist government plans personalized ‘data-driven decision-making based on real-time information’ by 2035
Doozy of a Patch Tuesday includes 30 critical Microsoft CVEs The good news: no 0-days. The bad news: busy week ahead for Microsoft admins
Foxconn confirms cyberattack after ransomware crew claims it stole confidential Apple, Nvidia files Affected factories back up and running, we're told
Congress investigates Canvas breach as company pays ransom Instructure CEO Steve Daly's got some explaining to do
AirBit crypto Ponzi victims can now claim slice of $400M asset haul After guilty pleas, prison terms, and seizures, the DOJ has opened the compensation process
US bank reports itself after slinging customer data at 'unauthorized AI app' Volume and sensitivity of the data cited as chief concerns
Cache-poisoning caper turns TanStack npm packages toxic Six-minute supply chain blitz pushed 84 malicious versions with credential theft and disk-wiping code
Apple, Google drag cross-platform texting into the encrypted age After years of stopping dead at the green bubble border, iPhone and Android users can finally send E2EE messages without relying on third-party apps
FleetWave outage takes another turn. Chevin confirms crooks accessed customer data A month after bringing systems back online, SaaS vendor tells customers attackers potentially walked off with operational data, contact details, and payroll numbers
Japan’s PM orders cybersecurity review to stop Mythos going full CyberZilla Fears exponential increase in attack scale and speed
Double Canvas breach acknowledged as ShinyHunters sets new pay-or-leak deadline UPDATED: Sorry, kids, everything's back up so get to work on your new assignment - An essay on the ethics of paying ransoms, because it looks like that's what happened here
Cookie thieves caught stealing dev secrets via fake Claude Code installers New IElevator2 COM interface? No problem
Anthropic’s bug-hunting Mythos was greatest marketing stunt ever, says cURL creator After all that hype, AI scanner found one low-severity cURL flaw
BWH Hotels guests warned after reservation data checks out with cybercrooks Customers urged to keep an eye out for phisherfolk
Google says criminals used AI-built zero-day in planned mass hack spree GTIG says AI-powered hacking has moved well beyond phishing emails and chatbot tricks
Water company's leaky security earns near-£1M fine Utility provider failed to detect Cl0p ransomware attack for nearly two years
Checkmarx tackles another TeamPCP intrusion as Jenkins plugin sabotaged Cybercrooks ruin engineers' weekends with Saturday attack
Worm rubs out competitor's malware, then takes control All your compromised credentials are belong to us now instead of the other gang
Disgraced US gov software contractor found guilty of database destruction Twin brother still faces trial over broader cybercrime allegations
'Dirty Frag' Linux flaw one-ups CopyFail with no patches and public root exploit Broken disclosure embargo left admins facing a fresh root-level flaw with no CVE
Meta U-turns on encryption push for Instagram as DMs go plaintext After years of insisting end-to-end encryption was the future of online comms, Zuckcorp has handed itself full visibility into user chats once again
Hackers ate my homework: Educational SaaS Canvas down after cyberattack ShinyHunters takes the credit and gives developer an F for security
Meta fights Ofcom over how many billions count as billions Social media biz says watchdog's fine formula is 'disproportionate' and should stop counting global revenue
Mozilla boasts Mythos boosted Firefox bug cull Yet it remains unclear if Anthropic's uber model was effective, or if better model middleware is what makes the difference
Fake IT workers rented laptops to Nork scammers, got prison time Matthew Isaac Knoot and Erick Ntekereze Prince will each do 18 months for hosting laptops used by North Korean IT workers to remotely infiltrate US companies
Anthropic response to 1-click pwn: Shouldn't have clicked 'ok' Security biz Adversa AI argues users of AI tools need clearer warnings
60% of MD5 password hashes are crackable in under an hour Happy World Password Day! Maybe it's finally time to kill this holiday in favor of World No-More-Passwords Day?
$250M crypto-robbing gang’s dirty work guy sentenced to 6.5 years behind bars The then-teen was told to break in and steal what the keyboard warriors couldn’t
State-backed hackers hammer Palo Alto firewall zero-day before patch lands Internet-facing PAN-OS firewalls are once again doing impressions of initial access brokers
Hungarian cops cuff suspected swatter after two-year FBI probe 20-year-old fessed up after investigators found video of crime in progress
The network password was a key plot point in one of the most famous movies of all time Fortunately, it was a legit contractor who guessed it
Arctic Wolf kicks 250 employees out of the pack to save money for AI Cuts appear to hit sales, product, and marketing, accounting for under 10% of staff
1 in 8 employees totally cool with selling work credentials 13% say they’ve sold logins or know someone who has, survey suggests
Iran cybersnoops still LARPing as ransomware crooks in espionage ops MOIS-linked cyber outfit puts on a ransomware show to disguise the wide-open backdoor behind the scenes
UK age-gating plans risk breaking the internet, privacy groups warn Activists say ministers are targeting access rather than Big Tech's data-hungry business models
Taiwan cops say student's radio kit brought bullet trains to a standstill Investigators spent weeks unravelling enthusiast's bedroom project
India orders infosec red alert in case Mythos sparks crime spree Securities regulator urges market players to develop new strategies and nail cyber-basics before AI models fuel mass attacks
ServiceNow clears agents for landing with new AI control tower ServiceNow acquisitions Veza and Traceloop join to monitor agents and AI workflows
Attackers are cashing in on fresh 'CopyFail' Linux flaw Researchers dropped a reliable root exploit and it didn’t sit idle for long
Real estate giant confirms vishing incident as ShinyHunters and Qilin both come knocking Cushman & Wakefield activated incident response protocols after serial extortionists issued separate threats