Security News • The Register

Security

Microsoft offers vintage Exchange and Skype server users six more months of security updates

It looks like enough of you are struggling to migrate that Redmond is willing to help out – for a price that might buy nothing

Patches17 Jul 2025 |

Ukrainian hackers claim to have destroyed major Russian drone maker's entire network

'Deeply penetrated' Gaskar 'to the very tonsils of demilitarization'

Security16 Jul 2025 | 15

Operation Eastwood shutters 100+ servers used to DDoS websites supporting Ukraine

Two Russian suspects in cuffs, seven warrants out

Cyber-crime16 Jul 2025 | 5

Crims hijacking fully patched SonicWall VPNs to deploy stealthy backdoor and rootkit

Updated Someone's OVERSTEPing the mark

Research16 Jul 2025 | 3

Retailer Co-op: Attackers snatched all 6.5M member records

Supermarket announces white hat education scheme as four suspects released on bail

Cyber-crime16 Jul 2025 | 21

Turbulence at Air Serbia, the latest airline under cyber siege

Exclusive Attack enters day 11 and still no public disclosure of what insider claims to be 'deep breach' of Active Directory

Cyber-crime16 Jul 2025 |

Security shop Adarma ceases trading, confirms it will enter administration

Former staffers of struggling UK biz say they don’t expect to be paid for July

Security16 Jul 2025 | 1

Curl creator mulls nixing bug bounty awards to stop AI slop

Maintainers struggle to handle growing flow of low-quality bug reports written by bots

AI + ML15 Jul 2025 | 20

Ex-US soldier who Googled 'can hacking be treason' pleads guilty to extortion

File this one under what not to search if you've committed a crime

Cyber-crime15 Jul 2025 | 12

Britain's billion-pound F-35s not quite ready for, well, anything

Stealth jets can't fight, can't fly much, and can't shoot UK missiles, says NAO

Security15 Jul 2025 | 170

Someone hijacked Elmo's X account to post antisemitic rants

Anyone investigated Grok? Just sayin'…

Cyber-crime14 Jul 2025 | 21

Nvidia A6000 GPUs flip memory bits if beaten by GPUHammer

Rowhammer returns for more memory-meddling fun

Research14 Jul 2025 | 4

A software-defined radio can derail a US train by slamming the brakes on remotely

Updated Neil Smith has been trying to get the railroad industry to listen since 2012, but it took a CISA warning to get there

Security14 Jul 2025 | 70

GPS on the fritz? Britain and France plot a backup plan

Cross-Channel pact aims to bolster navigation and timing tech as satellite signals face growing jamming threats

Networks14 Jul 2025 | 68

UK's NCA disputes claim it's nearly three times less efficient than the FBI

Report on serious organized crime fails to account for differences, agency says

Cyber-crime14 Jul 2025 | 28

Iran seeks at least three cloud providers to power its government

Despite loathing the USA, Iran wants providers who match NIST’s definition of cloud computing

Public Sector14 Jul 2025 | 9

Nvidia warns its GPUs – even Blackwells – need protection against Rowhammer attacks

Infosec In Brief PLUS: Bluetooth mess leaves cars exposed; Bitcoin ATMs attacked; Deepfakers imitate US secretary of state Marco Rubio; and more

Security13 Jul 2025 | 7

You have a fake North Korean IT worker problem – here's how to stop it

Thick resumes with thin LinkedIn connections are one sign. Refusing an in-person interview is another

Cyber-crime13 Jul 2025 | 112

CVSS 10 RCE in Wing FTP exploited within 24 hours, security researchers warn

Intruders looked up how to use curl mid-attack - rookie errors kept damage minimal

Patches11 Jul 2025 | 12

UK Online Safety Act 'not up to scratch' on misinformation, warn MPs

Last summer's riots show how some content can be harmful but not illegal

Cyber-crime11 Jul 2025 | 77

Popular

Nearly 3 out of 4 Oracle Java users say they've been audited in the past 3 years

Big Red’s changes to Java licensing also inspire exodus to open source

Britain's billion-pound F-35s not quite ready for, well, anything

Stealth jets can't fight, can't fly much, and can't shoot UK missiles, says NAO

VMware reboots its partner program again – and it looks like smaller players are out

Exclusive Second major change in 18 months will be most unwelcome for many - as will critical flaws announced today

Curl creator mulls nixing bug bounty awards to stop AI slop

Maintainers struggle to handle growing flow of low-quality bug reports written by bots

Former Google DeepMind engineer behind Simular says other AI agents are doing it wrong

Simular is starting with industries like insurance and healthcare with tons of forms to fill

AI creeps into the risk register for America's biggest firms

S&P 500 businesses warn investors they may never see ROI in SEC filings

Scientists spot massive black hole collision that defies current theories

Off-the-charts gravitational waves ripple out from merged dead stars

With Tomahawk Ultra, Broadcom asks who needs UALink when there's Ethernet?

The never Nvidia networking party just got another option

If you want a picture of the future, imagine humans checking AI didn't make a mistake – forever

Column CEOs will chase illusory profits as workers are left to pick defective items from an agentic production line

Meta reveals plan for several multi-gigawatt datacenter clusters

First, Zuck takes Manhattan. Then he might actually deliver a product that matters

MORE
STORIES

Security company hired a used car salesman to build a website, and it didn't end well

On Call First came the dodgy lawyer, then the explosively angry HR person, leaving a whistleblower techie to save his career

Security11 Jul 2025 | 90

French cops cuff Russian pro basketball player on ransomware charges

'He's useless with computers and can't even install an application' says lawyer

Cyber-crime11 Jul 2025 | 15

Chinese censorship-busters claim Tencent is trying to kill its WeChat archive

UPDATED Alleges Singaporean infosec outfit sent feeble legal demands to hosting company, which caved

Security11 Jul 2025 | 5

Lovestruck US Air Force worker admits leaking secrets on dating app

Oh my sweet secret informant lover, what happened in that NATO meeting today?

Security10 Jul 2025 | 34

Now everybody but Citrix agrees that CitrixBleed 2 is under exploit

Updated Add CISA to the list

Patches10 Jul 2025 | 3

Ex-ASML engineer who stole chip tech for Russia gets three years in Dutch prison

'Whether those files were allowed to go to Russia? I didn't ask'

Cyber-crime10 Jul 2025 | 5

Russia, hotbed of cybercrime, says nyet to ethical hacking bill

Politicians uneasy over potential impact on national security, local reports say

Security10 Jul 2025 | 4

NCA arrests four in connection with UK retail ransomware attacks

Crime-fighting agency cagey on details, probes into intrusions at M&S, Harrods, and Co-op continue

Cyber-crime10 Jul 2025 | 16

Sovereign-ish: Google Cloud keeps AI data in UK, but not the support

Processing and storage for Gemini 2.5 Flash to stay in Blighty

AI + ML10 Jul 2025 | 6

Review: How Passwork 7 helps tame business passwords

A simple interface and new roles-based capabilities make this venerable password manager an attractive proposition

Sponsored feature

At last, a use case for AI agents with sky-high ROI: Stealing crypto

Boffins outsmart smart contracts with evil automation

AI + ML10 Jul 2025 | 14

How to trick ChatGPT into revealing Windows keys? I give up

No, really, those are the magic words

Research09 Jul 2025 | 101

US sanctions alleged North Korean IT sweatshop leader

Turns out outsourcing coders to bankroll Kim’s nukes doesn’t jibe with Uncle Sam

Cyber-crime09 Jul 2025 | 4

AMD warns of new Meltdown, Spectre-like bugs affecting CPUs

Low-severity bugs but infosec pros claim they are a 'critical' overall threat – patch accordingly

Security09 Jul 2025 | 27

The cloud-native imperative for effective cyber resilience

Modern threats demand modern defenses. Cloud-native is the new baseline

Partner content

Reframing investments in security as investments in the business

A little skill in business communication can help get the board on board

Partner content

Qantas begins telling some customers that mystery attackers have their home address

Plus: Confirms less serious data points like meal preferences also leaked

Cyber-crime09 Jul 2025 | 13

Ingram Micro restarts orders – for some – following ransomware attack

Customers say things are still far from perfect as lengthy support queues hamper business dealings

Cyber-crime09 Jul 2025 | 1

Privacy campaigners pour cold water on London cops' 1,000 facial recognition arrests

Activists argue the resources spent on tech aren't leading to worthwhile numbers

Security09 Jul 2025 | 32

Iranian ransomware crew reemerges, promises big bucks for attacks on US or Israel

Tells would-be affiliates they don't need to worry because cyberattacks don't violate a cease fire

Security09 Jul 2025 | 7

Microsoft enjoys first Patch Tuesday of 2025 with no active exploits

Sure, 130 fixes were sent out, but bask in the security goodness

Patches08 Jul 2025 | 15

Massive browser hijacking campaign infects 2.3M Chrome, Edge users

updated These extensions weren't malware-laced from the start, researcher says

Research08 Jul 2025 | 39

The cloud-native imperative for effective cyber resilience

Archive deleted

Archive deleted

SUSE launching region-locked support for the sovereignty-conscious

Move targets European orgs wary of cross-border data exposure

Software08 Jul 2025 | 13

Suspected Chinese cybersnoop grounded in Italy after US tipoff

Zewei Xu's family reportedly bemused at arrest as extradition tabled

Security08 Jul 2025 | 10

Is your password ecosystem ready for the regulators?

The clipboard warriors are coming. Time to check on your password management

Sponsored feature

Suspected Scattered Spider domains target everyone from manufacturers to Chipotle

Plus: Qantas makes contact with 'potential cyber criminal'

Security08 Jul 2025 | 3

CitrixBleed 2 exploits are on the loose as security researchers yell and wave their hands

NetScaler vendor issued a patch but otherwise, stony silence

Patches07 Jul 2025 | 6

Phishing platforms, infostealers blamed as identity attacks soar

Get your creds in order or risk BEC, ransomware attacks, orgs warned

CSO07 Jul 2025 |

Stalkerware firm gets scooped by SQL-slinging security snoop

Infosec In Brief Also, Swiss ransomware posture looks like its cheese, the CVE Program wants YOU, more sus checks and more

Security06 Jul 2025 | 1

Ingram Micro confirms ransomware behind multi-day outage

Updated SafePay crew claims responsibility for intrusion at one of world's largest tech distributors

Cyber-crime06 Jul 2025 | 18

Massive spike in use of .es domains for phishing abuse

¡Cuidado! Time to double-check before entering your Microsoft creds

Security05 Jul 2025 | 18

Microsoft Windows Firewall complains about Microsoft code

Just ignore the warnings. Nothing to see here. Move along

Security03 Jul 2025 | 21

Young Consulting finds even more folks affected in breach mess – now over 1 million

The insurance SaaS slinger may trade under a different name, but past continues to haunt it

Cyber-crime03 Jul 2025 | 1

Meta calls €200M EU fine over pay-or-consent ad model 'unlawful'

'Deserves fair compensation for the valuable and innovative services'? Which ones are those then?

Personal Tech03 Jul 2025 | 65

Ransomware crew Hunters International shuts down, hands out keys to victims

Don't let their kind words sway you – leaders are still up to no good

Cyber-crime03 Jul 2025 | 5

Let's Encrypt rolls out free security certs for IP addresses

You probably don't need one, but it's nice to have the option

Security03 Jul 2025 | 55

ChatGPT creates phisher’s paradise by recommending the wrong URLs for major companies

Crims have cottoned on to a new way to lead you astray

Research03 Jul 2025 | 24

Cisco scores a perfect 10 - sadly for a critical flaw in its comms platform

The second max score this week for Netzilla - not a good look

Patches02 Jul 2025 | 14

CISA warns the Signal clone used by natsec staffers is being attacked, so patch now

Two flaws in TeleMessage are 'frequent attack vectors for malicious cyber actors'

Patches02 Jul 2025 | 7

23andMe's new owner says your DNA is safe this time

Nonprofit TTAM assures everything is BAU. Whether that makes customers feel better is another matter

Cyber-crime02 Jul 2025 | 18

US imposes sanctions on second Russian bulletproof hosting vehicle this year

Aeza Group accused of assisting data bandits and BianLian ransomware crooks

Cyber-crime02 Jul 2025 | 10

Cl0p cybercrime gang's data exfiltration tool found vulnerable to RCE attacks

Experts say they don't expect the MOVEit menace to do much about it

Research02 Jul 2025 | 3

UK eyes new laws as cable sabotage blurs line between war and peace

It might be time to update the Submarine Telegraph Act of 1885

Networks02 Jul 2025 | 82

Australian airline Qantas reveals data theft impacting six million customers

Frequent flyers’ info takes flight

Security02 Jul 2025 | 17

Microsoft admits to Intune forgetfulness

Customizations not saved with security baseline policy update

Patches01 Jul 2025 | 8

International Criminal Court swats away 'sophisticated and targeted' cyberattack

Body stays coy on details but alludes to similarities with 2023 espionage campaign

Cyber-crime01 Jul 2025 | 4

Terrible tales of opsec oversights: How cybercrooks get themselves caught

The silly mistakes to the flagrant failures

Security01 Jul 2025 | 14

Proton bashes Apple and joins antitrust suit that seeks to throw the App Store wide open

Makes the usual complaints about control and cost, adds argument Apple's practices harm privacy

Legal01 Jul 2025 | 18

US shuts down a string of North Korean IT worker scams

Resulting in two indictments, one arrest, and 137 laptops seized

Cyber-crime30 Jun 2025 | 1

British IT worker sentenced to seven months after trashing company network

Don't leave the door open to disgruntled workers

Cyber-crime30 Jun 2025 | 91

Scattered Spider crime spree takes flight as focus turns to aviation sector

Time ticking for defenders as social engineering pros weave wider web

Cyber-crime30 Jun 2025 | 2

Sinaloa drug cartel hired a cybersnoop to identify and kill FBI informants

Device compromises and deep-seated access to critical infrastructure exposed surveillance vulnerabilities in agency's work

Security30 Jun 2025 | 11

Your browser has ad tech's fingerprints all over it, but there's a clean-up squad in town

Opinion Like being hard to spot? They’d much rather you didn’t

Security30 Jun 2025 | 53

Canada orders Chinese CCTV biz Hikvision to quit the country ASAP

Asia In Brief PLUS: Broadband blimps to fly in Japan; Starbucks China put ads before privacy; and more!

Public Sector30 Jun 2025 | 30

It's 2025 and almost half of you are still paying ransomware operators

Infosec in Brief PLUS: Crooks target hardware crypto wallets; Bad flaws in Brother printers; ,O365 allows takeover-free phishing; and more

Security30 Jun 2025 | 2

Ex-NATO hacker: 'In the cyber world, there's no such thing as a ceasefire'

interview Watch out for supply chain hacks especially

Cyber-crime28 Jun 2025 | 61

Crims are posing as insurance companies to steal health records and payment info

Taking advantage of the ridiculously complex US healthcare billing system

Cyber-crime27 Jun 2025 | 7

Cisco punts network-security integration as key for agentic AI

Getting it in might mean re-racking the entire datacenter and rebuilding the network, though

Datacenter Networking Nexus27 Jun 2025 | 6

Aloha, you’ve been pwned: Hawaiian Airlines discloses ‘cybersecurity event’

update 'No impact on safety,' FAA tells The Reg

Cyber-crime27 Jun 2025 |

So you CAN turn an entire car into a video game controller

Pen Test Partners hijack data from Renault Clio to steer, brake, and accelerate in SuperTuxKart

Offbeat27 Jun 2025 | 35

Data spill in aisle 5: Grocery giant Ahold Delhaize says 2.2M affected after cyberattack

Finance, health, and national identification details compromised

Cyber-crime27 Jun 2025 | 4

FBI used bitcoin wallet records to peg notorious IntelBroker as UK national

Pro tip: Don't use your personal email account on BreachForums

Cyber-crime26 Jun 2025 | 31

What if Microsoft just turned you off? Security pro counts the cost of dependency

Comment Czech researcher lays out a business case for reducing reliance on Redmond

Security26 Jun 2025 | 116

Cisco fixes two critical make-me-root bugs on Identity Services Engine components

A 10.0 and a 9.8 – these aren’t patches to dwell on

Datacenter Networking Nexus26 Jun 2025 | 4

Glasgow City Council online services crippled following cyberattack

Nothing confirmed but authority is operating under the assumption that data has been stolen

Cyber-crime26 Jun 2025 | 14

Qilin ransomware attack on NHS supplier contributed to patient fatality

Pathology outage caused by Synnovis breach linked to harm across dozens of healthcare facilities

Cyber-crime26 Jun 2025 | 7

UK to buy nuclear-capable F-35As that can't be refueled from RAF tankers

Aircraft meant to bolster NATO deterrent will rely on allied support to stay airborne

Security26 Jun 2025 | 276

Frozen foods supermarket chain deploys facial recognition tech

Privacy campaigner brands Iceland's use of 'Orwellian' camera tech 'chilling,' CEO responds: 'It'll cut violent crime'

Security26 Jun 2025 | 118

That WhatsApp from an Israeli infosec expert could be a Iranian phish

Charming Kitten unsheathes its claws and tries to catch credentials

Cyber-crime26 Jun 2025 | 2

Citrix bleeds again: This time a zero-day exploited - patch now

Two emergency patches issued in two weeks

Patches25 Jun 2025 | 1

Amazon's Ring can now use AI to 'learn the routines of your residence'

It's meant to cut down on false positives but could be a trove for mischief-makers

Security25 Jun 2025 | 75

Computer vision research feeds surveillance tech as patent links spike 5×

A bottomless appetite for tracking people as 'objects'

Research25 Jun 2025 | 3

Supply chain attacks surge with orgs 'flying blind' about dependencies

Who is the third party that does the thing in our thing? Yep. Attacks explode over past year

CSO25 Jun 2025 | 4

French cybercrime police arrest five suspected BreachForums admins

Twentysomethings claimed to be linked to spate of high-profile cybercrimes

Cyber-crime25 Jun 2025 |

UK govt dept website that campaigns against encryption hijacked to advertise ... payday loans

Company at center of findings blamed SEO on outsourcer

Security25 Jun 2025 | 17

Don't panic, but it's only a matter of time before critical 'CitrixBleed 2' is under attack

Why are you even reading this story? Patch now!

Patches24 Jun 2025 | 7

Beware of fake SonicWall VPN app that steals users' credentials

A good reminder not to download apps from non-vendor sites

Cyber-crime24 Jun 2025 | 1

The vulnerability management gap no one talks about

If an endpoint goes ping but isn't on the network, does anyone hear it?

Partner content

Four REvil ransomware crooks walk free, escape gulag fate, after admitting guilt

Russian judge lets off accused with time served – but others who refused to plead guilty face years in penal colony

Cyber-crime24 Jun 2025 | 9

The Register Biting the hand that feeds IT

About Us

Our Websites

Your Privacy

Situation Publishing

Copyright. All rights reserved © 1998–2025