CISA won't attend infosec industry's biggest conference this year
exclusive But ex-CISA boss and new RSAC CEO Jen Easterly will be there
Security24 Jan 2026 | 2
Security
Patch or die: VMware vCenter Server bug fixed in 2024 under attack today
If you skipped it back then, now’s a very good time
Patches23 Jan 2026 | 4
Surrender as a service: Microsoft unlocks BitLocker for feds
updated If you're serious about encryption, keep control of your encryption keys
Security23 Jan 2026 | 14
ShinyHunters claims Okta customer breaches, leaks data belonging to 3 orgs
'A lot more' victims to come, we're told
Cyber-crime23 Jan 2026 | 2
AI-powered cyberattack kits are 'just a matter of time,' warns Google exec
Security chief says criminals are already automating workflows, with full end-to-end tools likely within years
CSO23 Jan 2026 | 4
Fortinet admits FortiGate SSO bug still exploitable despite December patch
Fix didn't quite do the job – attackers spotted logging in
CSO23 Jan 2026 | 2
London boroughs limping back online months after cyberattack
Direct debits? Maybe February. Birth certificates? Dream on. Council tax bills? Oh, those are coming
Cyber-crime23 Jan 2026 | 7
Marching orders delayed: Veterans' Digital ID off to a slow start
Much owed to the few, but takeup is under 1%
Public Sector23 Jan 2026 | 52
Crims hit the easy button for Scattered-Spider style helpdesk scams
Teach a crook to phish…
Cyber-crime22 Jan 2026 |
Crims compromised energy firms' Microsoft accounts, sent 600 phishing emails
Logging in, not breaking in
Cyber-crime22 Jan 2026 | 2
FortiGate firewalls hit by silent SSO intrusions and config theft
Admins say attackers are still getting in despite recent patches
Cyber-crime22 Jan 2026 | 4
Europe's GDPR cops dished out €1.2B in fines last year as data breaches piled up
Regulators logged over 400 personal data breach notifications a day for first time since law came into force
Security22 Jan 2026 | 7
Bank of England: Financial sector failing to implement basic cybersecurity controls
Mind the cyber gap – similar flaws highlighted multiple years in a row
Security22 Jan 2026 | 5
Ancient telnet bug happily hands out root to attackers
Critical vuln flew under the radar for a decade
Patches22 Jan 2026 | 36
Another week, another emergency patch as Cisco plugs Unified Comms zero-day
The critical-rated flaw leaves unpatched systems open to full takeover
Networks22 Jan 2026 | 1
Davos discussion mulls how to keep AI agents from running wild
Where the shiny new FOMO object collides with insider-threat reality
Security21 Jan 2026 | 10
Don't click on the LastPass 'create backup' link - it's a scam
updated Phishing campaign tries to reel in master passwords
Cyber-crime21 Jan 2026 | 20
Everest ransomware gang said to be sitting on mountain of Under Armour data
Have I Been Pwned reckons 72.7M customer accounts affected, sportswear firm remains silent
Cyber-crime21 Jan 2026 | 6
EU considers whether there's Huawei of axing Chinese kit from networks within 3 years
Still dominant in Germany's networks, among others
Networks21 Jan 2026 | 15
Ireland wants to give its cops spyware, ability to crack encrypted messages
Its very own Snooper’s Charter comes a month after proposed biometric tech expansion
Security21 Jan 2026 | 30
Popular
Ancient telnet bug happily hands out root to attackers
Critical vuln flew under the radar for a decade
PowerShell architect retires after decades at the prompt
After Microsoft, Google, and a long fight for automation, Jeffrey Snover hangs up his keyboard
Anthropic writes 23,000-word 'constitution' for Claude, suggests it may have feelings
Describes its LLMs as an ‘entity’ that probably has something like emotions
Microsoft 365 outage drags on for nearly 10 hours during bad night for North American infra
Down to 364.5 already: Redmond's crappy 2026 continues
Cursor used agents to write a browser, proving AI can write shoddy code at scale
Project kind-of worked but left a lot of messes for humans to clean up
Tech support detective solved PC crime by looking in the carpark
On Call Overnight action made for a sticky situation in the candy factory
Debian's FreedomBox Blend promises an easier home cloud
Hands On There are other home server, NAS, and media-streaming distros, but this aspires to much more
FortiGate firewalls hit by silent SSO intrusions and config theft
Admins say attackers are still getting in despite recent patches
Bank of England: Financial sector failing to implement basic cybersecurity controls
Mind the cyber gap – similar flaws highlighted multiple years in a row
Another week, another emergency patch as Cisco plugs Unified Comms zero-day
The critical-rated flaw leaves unpatched systems open to full takeover
STORIES
Best of British: UK's infosec envoys include Cisco, Palo Alto, and Accenture
Minister unwraps ambassadors of the Software Security Code of Practice
Security21 Jan 2026 | 6
Curl shutters bug bounty program to remove incentive for submitting AI slop
Maintainer hopes hackers send bug reports anyway, will keep shaming ‘silly' ones
Security21 Jan 2026 | 10
Cloudflare whacks WAF bypass bug that opened side door for attackers
ACME validation had a challenge-request hole
Patches20 Jan 2026 | 1
Remember VoidLink, the cloud-targeting Linux malware? An AI agent wrote it
AI + skilled malware developers = security threat
Security20 Jan 2026 | 4
AI framework flaws put enterprise clouds at risk of takeover
Update Chainlit to the latest version ASAP
Security20 Jan 2026 | 4
Anthropic quietly fixed flaws in its Git MCP server that allowed for remote code execution
Prompt injection for the win
Patches20 Jan 2026 | 8
For the price of Netflix, crooks can now rent AI to run cybercrime
Group-IB says crims forking out for Dark LLMs, deepfakes, and more at subscription prices
Research20 Jan 2026 | 3
Akamai CEO wants help to defeat piracy, reckons he can handle edge AI alone
Interview OG CDN boss says fighting illegal streams is about stopping criminals cashing in, not free speech
Legal20 Jan 2026 | 12
Broker who sold malware to the FBI set for sentencing
Feras Albashiti faces 10 years after $20,000 in sales to undercover agent exposed ransomware ties
Cyber-crime19 Jan 2026 | 11
Don't underestimate pro-Russia hacktivists, warns UK's cyber crew
They’re not the most sophisticated, but even simple attacks can lead to costly consequences
Cyber-crime19 Jan 2026 | 24
Windows 11 shutdown bug forces Microsoft into out-of-band damage control
Ships emergency update to fix a Patch Tuesday misfire that prevented systems from switching off
OSes19 Jan 2026 | 44
Ingram Micro admits summer ransomware raid exposed thousands of staff records
Maine filing confirms July attack affected 42,521 employees and job applicants
Cyber-crime19 Jan 2026 |
UK prime minister stares down barrel of ban on social media for kids
Labour's latest U-turn? 61 backbenchers pile pressure for Starmer to back Tory peer's amendment
Public Sector19 Jan 2026 | 81
Warwickshire school to reopen after cyberattack crippled IT
Kids return to classrooms after safety infrastructure knocked out
Cyber-crime19 Jan 2026 | 44
Royal Navy's helicopter drone makes its first autonomous flight
Capable of carrying 1-ton payload and key to strategy protecting North Atlantic from Russian submarines
Public Sector19 Jan 2026 | 111
ATM maintenance tech broke the bank by forgetting to return a key
Who, Me? Bank staff wore the blame for a silly security slip
Security19 Jan 2026 | 138
Microsoft hiring energy strategists to power its Asian datacenters
Asia In Brief PLUS: ASUS gets into healthcare gadgets; Vietnam’s first fab; Australia's child social ban takes out 4.7 million accounts; And more!
Off-Prem19 Jan 2026 |
Mandiant releases quick credential cracker, to hasten the death of a bad protocol
Infosec In Brief PLUS: Navy spy sent to brig for 200 months; Black Axe busted again; Bill aims to crimp ICE apps; and more
Security18 Jan 2026 | 2
Fast Pair, loose security: Bluetooth accessories open to silent hijack
Sloppy implementation of Google spec leaves 'hundreds of millions' of devices vulnerable
Research17 Jan 2026 | 35
Sorry Dave, I’m afraid I can’t do that! PCs refuse to shut down after Microsoft patch
Microsoft claims it's a Secure Launch bug
Patches16 Jan 2026 | 113
German cops add Black Basta boss to EU most-wanted list
Ransomware kingpin who escaped Armenian custody is believed to be lying low back home
Cyber-crime16 Jan 2026 | 1
RondoDox botnet linked to large-scale exploit of critical HPE OneView bug
Check Point observes 40K+ attack attempts in 4 hours, with government organizations under fire
Cyber-crime16 Jan 2026 | 2
Bankrupt scooter startup left one private key to rule them all
Owner reverse-engineered his ride, revealing authentication was never properly individualized
Security16 Jan 2026 | 70
Probably not the best security in the world: Carlsberg wristbands spill visitor pics
Exclusive Researcher shows how anyone can access Copenhagen experience attendees' names, videos
Security16 Jan 2026 | 9
Cisco finally fixes max-severity bug under active attack for weeks
This is a threat to security - and to the weekend for some unlucky netadmins
Patches15 Jan 2026 | 2
Chinese spies used Maduro's capture as a lure to phish US govt agencies
What's next for Venezuela? Click on the file and see
Cyber-crime15 Jan 2026 | 20
Flipping one bit leaves AMD CPUs open to VM vuln
Fix landed in July, but OEM firmware updates are required
Security15 Jan 2026 | 23
Contagious Claude Code bug Anthropic ignored promptly spreads to Cowork
Office workers without AI experience warned to watch for prompt injection attacks - good luck with that
Security15 Jan 2026 | 9
A simple CodeBuild flaw put every AWS environment at risk – and pwned 'the central nervous system of the cloud'
And it's 'not unique to AWS,' researcher tells The Reg
Research15 Jan 2026 | 12
US regulator tells GM to hit the brakes on customer tracking
Smart Driver pitched as safety app, but feds claim it's a data-harvesting scheme that jacked up premiums
Security15 Jan 2026 | 37
Woman bailed as cops probe doctor's surgery data breach
Suspect assisting West Midlands Police over alleged theft at Walsall GP practice
Security15 Jan 2026 | 24
Microsoft taps UK courts to dismantle cybercrime host RedVDS
Redmond says cheap virtual desktops powered a global wave of phishing and fraud
Cyber-crime15 Jan 2026 | 4
Ofcom keeps X under the microscope despite Grok 'nudify' fix
Cold milk poured over 'spicy mode,' but it might not be enough to escape a huge fine
AI + ML15 Jan 2026 | 21
AWS flips switch on Euro cloud as customers fret about digital sovereignty
EU-only ops, German subsidiaries, and a pinky promise your data won't end up in Uncle Sam's hands
PaaS + IaaS15 Jan 2026 | 74
CrowdStrike shareholders lose battle to recoup losses from 2024 outage
Investors didn't present a valid claim, says judge, but they're welcome to try again
Security14 Jan 2026 | 7
New Linux malware targets the cloud, steals creds, and then vanishes
Cloud-native, 37 plugins … an attacker's dream
Security14 Jan 2026 | 14
France fines telcos €42M for sub-par security prior to 24M customer breach
Three major GDPR violations, including a lack of basic security controls, lead to hefty dent in profits
Cyber-crime14 Jan 2026 | 10
'Imagination the limit': DeadLock ransomware gang using smart contracts to hide their work
New crooks on the block get crafty with blockchain to evade defenses
Research14 Jan 2026 | 2
Cyber-stricken Belgian hospitals refuse ambulances, transfer critical patients
Attack enters second day with major disruption to healthcare provision
Cyber-crime14 Jan 2026 | 5
Eurail passengers taken for a ride as data breach spills passports, bank details
Travel biz tells customers to change passwords beyond its own services
Cyber-crime14 Jan 2026 | 17
UK backtracks on digital ID requirement for right to work
U-turn leaves questions on costs, funding, and benefits unanswered
Public Sector14 Jan 2026 | 155
Spanish power giant sparks breach probe amid claims of massive data grab
Endesa says payment info stolen after alleged crook boasted of 1 TB-plus haul
Cyber-crime14 Jan 2026 | 10
Anthropic finds $1.5 million to help Python Foundation improve security
AI upstart also upscales its Labs to find the next frontier
Security14 Jan 2026 |
Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm
First Patch Tuesday of 2026 goes big
Security14 Jan 2026 | 3
Popular Python libraries used in Hugging Face models subject to poisoned metadata attack
The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group
Patches13 Jan 2026 | 1
AI and automation could erase 10.4 million US roles by 2030
AI-pocalypse Forrester models slow, structural shift rather than sudden employment collapse
AI + ML13 Jan 2026 | 13
Dutch cops cuff alleged AVCheck malware kingpin in Amsterdam
33-year-old was under surveillance for some time before returning home from the UAE
Cyber-crime13 Jan 2026 | 7
Federal agencies told to fix or ditch Gogs as exploited zero-day lands on CISA hit list
Git server flaw that attackers have been abusing for months has now caught the attention of US cyber cops
Security13 Jan 2026 | 2
Mandiant open sources tool to prevent leaky Salesforce misconfigs
AuraInspector automates the most common abuses and generates fixes for customers
SaaS13 Jan 2026 |
Court tosses appeal by hacker who opened port to coke smugglers with malware
Dutchman fails to convince judges his trial was unfair because cops read his encrypted chats
Cyber-crime13 Jan 2026 | 31
Britain goes shopping for a rapid-fire missile to help Ukraine hit back
Project Nightfall aims to deliver a UK-built long-range strike capability at speed
Public Sector13 Jan 2026 | 115
India demands crypto outfits geolocate customers, get a selfie to prove they’re real
Government is fed up with bad actors using digi-cash to fund dodgy deeds
Public Sector13 Jan 2026 | 9
No fire sale for firewalls as memory shortages could push prices higher
In SEC filings, Fortinet and Palo Alto show shrinking product margins taking hold.
Security12 Jan 2026 | 4
'Violence-as-a-service' suspect arrested in Iraq, extradition underway
Gang members 'systematically exploited children and young people,' cops say
Cyber-crime12 Jan 2026 | 9
Businesses in 2026: Maybe we should finally look into that AI security stuff
Survey finds security checks nearly doubled in a year as leaders wise up
AI + ML12 Jan 2026 |
Block CISO: We red-teamed our own AI agent to run an infostealer on an employee laptop
exclusive Agents must be 'safer and better than humans,' James Nettesheim tells The Reg
Security12 Jan 2026 | 1
Infamous BreachForums forum breached, spilling data on 325K users
Updated Website built around buying and selling stolen data has lost control of its own
Cyber-crime12 Jan 2026 | 9
Ofcom officially investigating X as Grok's nudify button stays switched on
Tech minister Liz Kendall says the government will back a robust regulatory response
AI + ML12 Jan 2026 | 88
Tories vow to boot under-16s off social media and ban phones in schools
Opposition leader Kemi Badenoch pitches age limits and classroom curbs as fixes for behavior and mental health
Personal Tech12 Jan 2026 | 60
India’s government denies it plans to demand smartphone source code
Says ongoing talks about security are about understanding best practice, not strong-arming vendors
Security12 Jan 2026 | 5
Malaysia and Indonesia block X over failure to curb deepfake smut
Asia in Brief PLUS: Cambodia arrests alleged scam camp boss; Baidu spins out chip biz; Panasonic’s noodle shop plan; And more!
Legal12 Jan 2026 | 28
Meta admits to Instagram password reset mess, denies data leak
infosec in brief PLUS: Veeam patches critical vuln; Crims bribing dark web insiders; UK school takedown; And more
Security11 Jan 2026 | 7
UK government exempting itself from flagship cyber law inspires little confidence
ANALYSIS Ministers promise equivalent standards just without the legal obligation
Cyber-crime10 Jan 2026 | 40
How hackers are fighting back against ICE surveillance tech
Remember when government agents didn't wear masks?
Security09 Jan 2026 | 121
Putinswap: France trades alleged ransomware crook for conflict researcher
Basketball player accused of aiding cybercrime gang extradition blocked in exchange for Swiss NGO consultant
Cyber-crime09 Jan 2026 | 11
QR codes a powerful new phishing weapon in hands of Pyongyang cyberspies
State-backed attackers are using QR codes to slip past enterprise security and help themselves to cloud logins, the FBI says
Cyber-crime09 Jan 2026 | 24
China-linked cybercrims abused VMware ESXi zero-days a year before disclosure
Huntress analysis suggests VM escape bugs were already weaponized in the wild
Virtualization09 Jan 2026 |
Grok told to cover up as UK weighs action over AI 'undressing'
Image generation paywalled on X after ministers and regulators start asking awkward questions
AI + ML09 Jan 2026 | 116
Help desk read irrelevant script, so techies found and fixed their own problem
On Call As you should, when being told the only remedy is deleting everything and starting again
Security09 Jan 2026 | 111
As agents run amok, CrowdStrike's $740M SGNL deal aims to help get a grip on identity security
Authentication is basically solved. Authorization is another thing entirely...
Security08 Jan 2026 | 3
Patch Cisco ISE bug now before attackers abuse proof-of-concept exploit
No reports of active exploitation … yet
Patches08 Jan 2026 | 3
Ransomware attacks kept climbing in 2025 as gangs refused to stay dead
Cop wins hit crime infrastructure, not the people behind it
Cyber-crime08 Jan 2026 | 15
CISA flags actively exploited Office relic alongside fresh HPE flaw
Max-severity OneView hole joins a PowerPoint bug that should've been retired years ago
Cyber-crime08 Jan 2026 | 6
UK regulators swarm X after Grok generated nudes from photos
Lawyers say Musk's platform may face punishment under Online Safety Act priority offenses
AI + ML08 Jan 2026 | 123
Maximum-severity n8n flaw lets randos run your automation server
Unauthenticated RCE means anyone on the network can seize full control
Patches08 Jan 2026 | 12
OpenAI putting bandaids on bandaids as prompt injection problems keep festering
Happy Groundhog Day!
Research08 Jan 2026 | 21
Yes, criminals are using AI to vibe-code malware
Interview They also hallucinate when writing ransomware code
AI + ML08 Jan 2026 | 12
Logitech macOS mouse mayhem traced to expired dev certificate
Company says it dropped the ball, apologizes for wasting people's time
Patches08 Jan 2026 | 48
Cloudflare pours cold water on ‘BGP weirdness preceded US attack on Venezuela’ theory
Suggests rotten routing, not evidence of a cyber-strike before kinetic action
Networks08 Jan 2026 | 14
IBM's AI agent Bob easily duped to run malware, researchers show
Prompt injection lets risky commands slip past guardrails
Security07 Jan 2026 | 14
Biting the hand that feeds IT
