The Register
Cloud threats have execs the most freaked out because they're not prepared
Efficiency and scalability are key benefits of enterprise cloud computing, but they come at a cost. Security threats specific to cloud environments are the leading cause of concern among top executives and they're also the ones organizations are least prepared to address.…
AI code helpers just can't stop inventing package names
AI models just can't seem to stop making things up. As two recent studies point out, that proclivity underscores prior warnings not to rely on AI advice for anything that really matters.…
Forget the Kia Boyz: Hackers could hijack your car with just a smartphone
Infosec In Brief Put away that screwdriver and USB charging cable – the latest way to steal a Kia just requires a cellphone and the victim's license plate number.…
Binance claims it helped to bust Chinese crypto scam app in India
ASIA IN BRIEF It's not often The Register writes about a cryptocurrency outfit being on the right side of a scam or crime, but last week crypto exchange Binance claimed it helped Indian authorities to investigate a scam gaming app.…
Red team hacker on how she 'breaks into buildings and pretends to be the bad guy'
Interview A hacker walked into a "very big city" building on a Wednesday morning with no keys to any doors or elevators, determined to steal sensitive data by breaking into both the physical space and the corporate Wi-Fi network.…
Feds charge 3 Iranians with 'hack-and-leak' of Trump 2024 campaign
The US Department of Justice has charged three Iranians for their involvement in a "wide-ranging hacking campaign" during which they allegedly stole massive amounts of materials from Donald Trump's 2024 presidential campaign and then leaked the information to media organizations.…
Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable
Microsoft has revised the Recall feature for its Copilot+ PCs and insists that the self-surveillance system is secure.…
Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud
Microsoft's latest threat intelligence blog issues a warning to all organizations about Storm-0501's recent shift in tactics, targeting, and backdooring hybrid cloud environments.…
Patch now: Critical Nvidia bug allows container escape, complete host takeover
A critical bug in Nvidia's widely used Container Toolkit could allow a rogue user or software to escape their containers and ultimately take complete control of the underlying host.…
HPE patches three critical security holes in Aruba PAPI
Aruba access points running AOS-8 and AOS-10 need to be patched urgently after HPE emitted fixes for three critical flaws in its networking subsidiary's networking access points.…
Doomsday '9.9 RCE bug' could hit every Linux system
Details about an as-yet-non-public critical 9.9-out-of-10-severity unauthenticated remote-code execution vulnerability affecting all GNU/Linux systems could be revealed today.…
Securing intellectual property in AI-powered enterprises
Webinar As organizations adopt AI technologies, safeguarding private intellectual property (IP) has become more challenging.…
Victims lose $70k to one single wallet-draining app on Google's Play Store
The latest in a long line of cryptocurrency wallet-draining attacks has stolen $70,000 from people who downloaded a dodgy app in a single campaign researchers describe as a world-first.…
Public Wi-Fi operator investigating cyberattack at UK's busiest train stations
Updated A cybersecurity incident is being probed at Network Rail, the UK non-departmental public body responsible for repairing and developing train infrastructure, after unsavory messaging was displayed to those connecting to major stations' free Wi-Fi portals.…
UK government's bank data sharing plan slammed as 'financial snoopers' charter'
Privacy campaigners are criticizing UK proposals to force banks to share data from the accounts of government benefit claimants, saying the ploy amounts to "a financial snoopers' charter targeted to automate suspicion."…
WordPress.org denies service to WP Engine, potentially putting sites at risk
WordPress on Wednesday escalated its conflict with WP Engine, a hosting provider, by blocking the latter's servers from accessing WordPress.org resources – and therefore from potentially vital software updates.…
China's Salt Typhoon cyber spies are deep inside US ISPs
Another Beijing-linked cyberspy crew, this one dubbed Salt Typhoon, has reportedly been spotted on networks belonging to US internet service providers in stealthy data-stealing missions and potential preparation for future cyberattacks.…
RansomHub genius tries to put the squeeze on Delaware Libraries
Despite being top of the ransomware tree at the moment, RansomHub – specifically, one of its affiliates – clearly isn't that bright as they are reportedly trying to extort Delaware Libraries for around $1 million.…
China claims Taiwan, not civilian hackers, behind website vandalism
Taiwan has dismissed Chinese allegations that its military sponsored a recent wave of anti-Beijing cyber attacks.…
CrowdStrike apologizes to Congress for 'perfect storm' that caused global IT outage
CrowdStrike is "deeply sorry" for the "perfect storm of issues" that saw its faulty software update crash millions of Windows machines, leading to the grounding of thousands of planes, passengers stranded at airports, the cancellation of surgeries, and disruption to emergency services hotlines among many more inconveniences.…