News

In SEC filings, Fortinet and Palo Alto show shrinking product margins taking hold.

PCs and datacenters aren't the only devices that need DRAM. The global memory shortage is roiling the cybersecurity market, with the cost of firewalls expected to balloon and hit both customers and vendors in the pocketbook in 2026, according to research analysts Wedbush.…

Gang members 'systematically exploited children and young people,' cops say

A 21-year-old Swedish man accused of being a key organizer of violence-as-a-service linked to the Foxtrot criminal network, which police say has recruited and exploited minors, has been arrested in Iraq.…

Survey finds security checks nearly doubled in a year as leaders wise up

The number of organizations that have implemented methods for identifying security risks in the AI tools they use has almost doubled in the space of a year.…

Agents must be 'safer and better than humans,' James Nettesheim tells The Reg

interview  When it comes to security, AI agents are like self-driving cars, according to Block Chief Information Security Officer James Nettesheim.…

Website built around buying and selling stolen data has lost control of its own

BreachForums, the serially resurrected cybercrime marketplace, has tripped over itself after a data breach spilled details tied to about 324,000 user accounts.…

Tech minister Liz Kendall says the government will back a robust regulatory response

Ofcom is investigating X over potential violations of the Online Safety Act, Britian's comms watchdog has confirmed.…

Opposition leader Kemi Badenoch pitches age limits and classroom curbs as fixes for behavior and mental health

The Tories have pledged to kick under-16s off social media, betting that banning teens from TikTok and Instagram will fix what they see as a growing crisis in kids' mental health and classroom behavior.…

Says ongoing talks about security are about understanding best practice, not strong-arming vendors

India’s government has denied that it is working on rules that would require smartphone manufacturers to provide access to their source code.…

PLUS: Cambodia arrests alleged scam camp boss; Baidu spins out chip biz; Panasonic’s noodle shop plan; And more!

Asia in Brief  The governments of Malaysia and Indonesia have suspended access to social network X, on grounds that it allows users to produce sexual imagery without users’ consent.…

PLUS: Veeam patches critical vuln; Crims bribing dark web insiders; UK school takedown; And more

infosec in brief  Meta has fixed a flaw in its Instagram service that allowed third parties to generate password reset emails, but denied the problem led to theft of users’ personal information.…

Ministers promise equivalent standards just without the legal obligation

ANALYSIS  From May's cyberattack on the Legal Aid Agency to the Foreign Office breach months later, cyber incidents have become increasingly common in UK government.…

Remember when government agents didn't wear masks?

While watching us now seems like the least of its sins, the US Immigration and Customs Enforcement (ICE) was once best known (and despised) for its multi-billion-dollar surveillance tech budget.…

Basketball player accused of aiding cybercrime gang extradition blocked in exchange for Swiss NGO consultant

France has released an alleged ransomware crook wanted by the US in exchange for a conflict researcher imprisoned in Russia.…

State-backed attackers are using QR codes to slip past enterprise security and help themselves to cloud logins, the FBI says

North Korean government hackers are turning QR codes into credential-stealing weapons, the FBI has warned, as Pyongyang's spies find new ways to duck enterprise security and help themselves to cloud logins.…

Huntress analysis suggests VM escape bugs were already weaponized in the wild

Chinese-linked cybercriminals were sitting on a working VMware ESXi hypervisor escape kit more than a year before the bugs it relied on were made public.…

Image generation paywalled on X after ministers and regulators start asking awkward questions

Grok has yanked its image-generation toy out of the hands of most X users after the UK government openly weighed a ban over the AI feature that "undressed" people on command.…

As you should, when being told the only remedy is deleting everything and starting again

On Call  2025 has ended and a new year is upon us, but The Register will continue opening Friday mornings with a fresh installment of On Call – the reader-contributed column that tells your tales of tech support.…

Authentication is basically solved. Authorization is another thing entirely...

CrowdStrike has signed a $740 million deal to buy identity security startup SGNL. The move underscores the growing threat of identity-based attacks as companies struggle to secure skyrocketing numbers of non-human identities, including AI agents.…

No reports of active exploitation … yet

Cisco patched a bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products that allows remote attackers with admin-level privileges to access sensitive information - and warned that a public, proof-of-concept exploit for the flaw exists online.…

Cop wins hit crime infrastructure, not the people behind it

If 2025 was meant to be the year ransomware started dying, nobody appears to have told the attackers.…