Sitecore CMS flaw let attackers brute-force 'b' for backdoor
Hardcoded passwords and path traversals keeping bug hunters in work
Patches17 Jun 2025 | 1
Connor is a cybersecurity journalist for The Register, reporting on what you need to know to keep your systems secure. Based in the UK, he has previously held positions ranging from news editor to staff writer.
23andMe hit with £2.3M fine after exposing genetic data of millions
Penalty follows year-long probe into flaws that allowed attack to affect so many
CSO17 Jun 2025 | 12
Canada's WestJet says 'expect interruptions' online as it navigates cybersecurity turbulence
updated Flights still flying - just don't count on the app or website working smoothly
Security16 Jun 2025 | 1
Eurocops arrest suspected Archetyp admin, shut down mega dark web drug shop
Marketplace as big as Silk Road had more than 600k users and turnover of 'at least' €250M
Security16 Jun 2025 | 9
Spy school dropout: GCHQ intern jailed for swiping classified data
Student 'believed he could finish' software dev 'project alone and therefore that the rules did not apply to him'
Security16 Jun 2025 | 104
Apple fixes zero-click exploit underpinning Paragon spyware attacks
Zero-day potentially tied to around 100 suspected infections in 2025 and a spyware scandal on the continent
Security13 Jun 2025 | 18
Wanted: Junior cybersecurity staff with 10 years' experience and a PhD
Infosec employers demanding too much from early-career recruits, says ISC2
CSO13 Jun 2025 | 70
Slapped wrists for Financial Conduct Authority staff who emailed work data home
It was one of the offenders' final warning
CSO13 Jun 2025 | 20
'Major compromise' at NHS temping arm exposed gaping security holes
Exclusive Incident responders suggested sweeping improvements following Active Directory database heist
Cyber-crime12 Jun 2025 | 17
Salesforce tags 5 CVEs after SaaS security probe uncovers misconfig risks
The 16 other flagged issues are on customers, says CRM giant
Research11 Jun 2025 |
Asia dismantles 20,000 malicious domains in infostealer crackdown
Interpol coordinates operation, nabs 32 across Vietnam, Sri Lanka, and Nauru
Cyber-crime11 Jun 2025 | 4
Critical Wazuh bug exploited in growing Mirai botnet infection
The open-source XDR/SIEM provider’s servers are in other botnets’ crosshairs too
Research10 Jun 2025 |
M&S online ordering system operational 46 days after cyber shutdown
A milestone in cyberattack recovery – but deliveries will take a while and normal service not yet back
Cyber-crime10 Jun 2025 | 18
Peep show: 40K IoT cameras worldwide stream secrets to anyone with a browser
Majority of exposures located in the US, including datacenters, healthcare facilities, factories, and more
Research10 Jun 2025 | 57
Fresh strain of pro-Russian wiper flushes Ukrainian critical infrastructure
Destructive malware has been a hallmark of Putin's multi-modal war
Security06 Jun 2025 | 9
Uncle Sam moves to seize $7.7M laundered by North Korean IT worker ring
The cash has been frozen for more than two years
Security06 Jun 2025 | 3
BidenCash busted as Feds nuke stolen credit card bazaar
Dark web crime platform raked in $17M+ over three years of operation
Cyber-crime05 Jun 2025 | 3
More than a hundred backdoored malware repos traced to single GitHub user
Someone went to great lengths to prey on the next generation of cybercrooks
Cyber-crime05 Jun 2025 | 12
HMRC: Crooks broke into 100k accounts, stole £43M from British taxpayer in late 2024
It’s definitely not a cyberattack though! Really!
Public Sector05 Jun 2025 | 29
Crims stole 40,000 people's data from our network, admits publisher Lee Enterprises
Did somebody say ransomware? Not the newspaper group, not even to deny it
Cyber-crime04 Jun 2025 | 2
UK CyberEM Command to spearhead new era of armed conflict
Government details latest initiative following announcement last week
Security04 Jun 2025 | 17
Crooks fleece The North Face accounts with recycled logins
Outdoorsy brand blames credential stuffing
Cyber-crime03 Jun 2025 | 7
Bling slinger Cartier tells customers to be wary of phishing attacks after intrusion
Nothing terribly valuable taken in data heist, though privacy a little tarnished
Cyber-crime03 Jun 2025 | 6
US community bank says thieves drained customer data through third party hole
Disclosure at MainStreet Bancshares comes as American finance orgs beg for looser reporting requirements
Cyber-crime02 Jun 2025 | 13
Feds arrest DoD techie, claim he dumped top secret files in park for foreign spies to find
28-year-old alleged to have made multiple drops to folks who turned out to be undercover FBI agents
Security30 May 2025 | 38
US medical org pays $50M+ to settle case after crims raided data and threatened to swat cancer patients
Cash splashed on damages, infrastructure improvements, and fraud monitoring
Cyber-crime30 May 2025 | 2
8,000+ Asus routers popped in 'advanced' mystery botnet plot
No formal attribution made but two separate probes hint at the same suspect
Research29 May 2025 | 10
Billions of cookies up for grabs as experts warn over session security
Law enforcement crackdowns are gathering pace but online marketplaces still teeming with valuable tokens
Security29 May 2025 | 22
Attack on LexisNexis Risk Solutions exposes data on 300k +
Data analytics and risk management biz says software dev platform breached, not itself
Cyber-crime28 May 2025 | 2
Russian IT pro sentenced to 14 years forced labor for sharing medical data with Ukraine
The latest in a long line of techies to face Putin’s wrath
Security28 May 2025 | 47
Adidas confirms criminals stole data from customer service provider
Hackers take personal data bytes from the brand with three stripes
Cyber-crime27 May 2025 | 2
Ransomware attack on MATLAB dev MathWorks – licensing center still locked down
Commercial customers, STEM students all feeling the pain after mega outage of engineering data-analysis tool
Cyber-crime27 May 2025 | 23
CISA says SaaS providers in firing line after Commvault zero-day Azure attack
Cyberbaddies are coming for your M365 creds, US infosec agency warns
Security23 May 2025 | 2
Russia expected to pass experimental law that tracks foreigners in Moscow via smartphones
4-year trial is second major initiative this year that clamps down on 'illegal immigrants'
Applications22 May 2025 | 56
Scottish council admits ransomware crooks stole school data
Parents and teachers have personal info, ID documents leaked online, but exam season mostly unaffected
Cyber-crime22 May 2025 | 36
Coinbase confirms insiders handed over data of 70K users
Bribed support staff identified, fired
Cyber-crime21 May 2025 | 17
Judge allows Delta's lawsuit against CrowdStrike to proceed with millions in damages on the line
CS remains hopeful damages will be limited to seven figures
Security21 May 2025 | 5
M&S warns of £300M dent in profits from cyberattack
Downtime stings retailer, with technical recovery costs coming at a later date
Cyber-crime21 May 2025 | 42
Freshly discovered bug in OpenPGP.js undermines whole point of encrypted comms
Update before that proof-of-concept comes to bite
Patches20 May 2025 | 21
Ransomware attack on food distributor spells more pain for UK supermarkets
Peter Green Chilled supplies all the major UK chains
Cyber-crime20 May 2025 | 64
Virgin Media O2 patches hole that let callers snoop on your coordinates
Researcher finds VoLTE metadata could be used to locate users within 100 meters
Security20 May 2025 | 33
Millions at risk after attackers steal UK legal aid data dating back 15 years
Cybercriminals lifted info including addresses, ID numbers, and financial records from agency systems
Cyber-crime19 May 2025 | 49
IT chiefs of UK's massive health service urge vendors to make public security pledge
Enormous org has been hit by ransomware again and again, on multiple fronts, over the past year
Cyber-crime19 May 2025 | 27
Defamation case against DEF CON terminated with prejudice
'We hope it makes attendees feel safe reporting violations'
Security16 May 2025 | 4
Broadcom employee data stolen by ransomware crooks following hit on payroll provider
Updated Tech giant was in process of dropping payroll biz as it learned of breach
Cyber-crime16 May 2025 | 1
Coinbase extorted for $20M. Support staff bribed. Customers scammed. One hell of a SNAFU
Expert tells us: 'It is the most unique breach disclosure I've ever seen'
Cyber-crime15 May 2025 | 14
Uncle Sam pulls $2.4B Leidos deal to support CISA after rival alleges foul play
Nightwing claims insider intel helped secure lucrative CISA work but US says decision is unrelated
Public Sector14 May 2025 | 4
Ivanti patches two zero-days under active attack as intel agency warns customers
Vendor says vulns are linked with 2 mystery open source libraries integrated into EPMM product
Patches14 May 2025 | 1
Everyone's deploying AI, but no one's securing it – what could go wrong?
CYBERUK Crickets as senior security folk asked about risks at NCSC conference
CSO14 May 2025 | 22
'We still have embeds in CISA': CTO of Brit cyber agency talks post-Trump relationship with US counterpart
CYBERUK Both agencies seem unbothered despite tech world's clear concerns for US infoseccers
Security13 May 2025 | 6
Marks & Spencer admits cybercrooks made off with customer info
Market cap down by more than £1B since April 22
Cyber-crime13 May 2025 | 76
Attackers pwn charter airline helping Trump's deportation campaign
Intruders claim they stole GlobalX's flight records and manifests
Cyber-crime12 May 2025 | 49
Britain's cyber agents and industry clash over how to tackle shoddy software
CYBERUK Providers argue that if end users prioritized security, they'd get it
CSO12 May 2025 | 76
Curl project founder snaps over deluge of time-sucking AI slop bug reports
Lead dev likens flood to 'effectively being DDoSed'
Security07 May 2025 | 63
Pentagon declares war on 'outdated' software buying, opens fire on open source
(If only that would keep folks off unsanctioned chat app side quests)
Public Sector06 May 2025 | 75
Three Brits charged over 'active shooter threats' swattings in US, Canada
UK starts prosecution days after FBI vowed to clamp down on the crime
Security02 May 2025 | 39
British govt agents step in as Harrods becomes third mega retailer under cyberattack
Experts suggest the obvious: There is an ongoing coordinated attack on UK retail sector
Cyber-crime02 May 2025 | 141
Healthcare group Ascension discloses second cyberattack on patients' data
This time criminals targeted partner’s third-party software
Cyber-crime01 May 2025 | 1
Chris Krebs loses Global Entry membership amid Trump feud
President's campaign continues against man he claims covered up evidence of electoral fraud in 2020
Security01 May 2025 | 36
Data watchdog will leave British Library alone – further probes 'not worth our time'
No MFA? No problem – as long as you show you’ve learned your lesson
Cyber-crime01 May 2025 | 7
Biting the hand that feeds IT
