UK's Cyber Security and Resilience Bill makes Parliamentary debut
Various touch-ups added as MPs seek greater resilience to attacks on critical sectors
Security12 Nov 2025 | 15
CSO
Cyber insurers paid out over twice as much for UK ransomware attacks last year
Massive increase in policy claims… and data doesn’t even cover the major attacks of 2025
Cyber-crime11 Nov 2025 | 13
Cyberpunks mess with Canada's water, energy, and farm systems
Infosec agency warns hacktivists broke into critical infrastructure systems to tamper with controls
Cyber-crime30 Oct 2025 | 17
Trump's workforce cuts blamed as America's cyber edge dulls
The Cyberspace Solarium Commission says years of progress are being undone amid current administration's cuts
Public Sector23 Oct 2025 | 26
Feds flag active exploitation of patched Windows SMB vuln
CISA adds high-severity flaw to KEV list, urges swift updating
Cyber-crime21 Oct 2025 | 6
How malware vaccines could stop ransomware's rampage
Feature Security pros explore whether infection-spoofing code can immunize Windows systems against attack
Security21 Oct 2025 | 24
Take this rob and shove it! Salesforce issues stern retort to ransomware extort
CRM giant 'will not engage, negotiate with, or pay' the scumbags
Cyber-crime08 Oct 2025 | 7
Germany slams brakes on EU's Chat Control device-scanning snoopfest
Berlin's opposition likely kills off Brussels' bid to scan everyone's messages
CSO08 Oct 2025 | 47
Employees regularly paste company secrets into ChatGPT
Microsoft Copilot, not so much
AI + ML07 Oct 2025 | 47
Oracle tells Clop-targeted EBS users to apply July patch, problem solved
Researchers suggest internet-facing portals are exposing 'thousands' of orgs
Cybersecurity Month03 Oct 2025 |
Cybercrims claim raid on 28,000 Red Hat repos, say they have sensitive customer files
570GB of data claimed to be stolen by the Crimson Collective
Cybersecurity Month02 Oct 2025 | 19
Warnings about Cisco vulns under active exploit are falling on deaf ears
50,000 firewall devices still exposed
Patches30 Sep 2025 | 22
Google warns China-linked spies lurking in 'numerous' enterprises
Mandiant CTO anticipates 'hearing about this campaign for the next one to two years'
Research24 Sep 2025 | 8
Politicos: 'There is a good strong case for government intervention' on JLR cyberattack
Covid-style financial support? Nothing to confirm yet, say MPs
Cyber-crime24 Sep 2025 | 23
Workers fear for their jobs as JLR's latest shutdown extended
With no idea when engines restart, families gear down on spending ahead of Christmas
Cyber-crime23 Sep 2025 | 31
UK chancellor Putin the blame on Russia for cyber chaos, but evidence says otherwise
Reeves points finger at Moscow in interview when authorities reckon it's local lads
Cyber-crime23 Sep 2025 | 88
Ding ding: Fortra rings the perfect-10 bell over latest GoAnywhere MFT bug
Outside experts say the vulnerability has probably already been exploited
Patches19 Sep 2025 | 7
One token to pwn them all: Entra ID bug could have granted access to every tenant
Until Microsoft lobbed it into a virtual volcano
Security19 Sep 2025 | 17
UEFI Secure Boot for Linux Arm64 – where do we stand?
Still exotic for now, but moves are afoot
OSes17 Sep 2025 | 31
JLR stuck in neutral as losses skyrocket amid cyberattack cleanup
Latest extension to factory closures takes incident response into fourth week
Cyber-crime16 Sep 2025 | 59
Popular
Retail giant Kingfisher rejects SAP ERP upgrade plan
'Don't just give me a price list or licensing module that spikes cost by 20x, show me the value,' says CTO
Mozilla's Firefox 145 is heeeeeere: Buffs up privacy, bloats AI
Updated Improves tracking prevention, profile management, PDF editing, and Perplexity creeps into your address bar
Broken wizard forces Microsoft to issue out-of-band Windows 10 patch
End of support? Not quite
MS Task Manager turns 30: Creator reveals how a 'very Unixy impulse' endured in Windows
Dave Plummer's 85 KB troubleshooting tool shipped with his home number on the code
Australia’s spy boss says authoritarian nations ready to commit ‘high-impact sabotage’
‘Elite teams’ are pondering cyber-attacks to turn off energy supply or telecoms networks
OpenAI’s viability called into question by reported inference spending with Microsoft
Microsoft internal financials also suggest AI flag bearer is nowhere close to $13 billion in revenues
Tablet market stalls because there’s not much new worth buying
Pre-tariff purchasing panic also helped to end 18-month growth run
China hates crypto and scams, but is now outraged USA acquired bitcoin from a scammer
A new theory from the agency that brought us ‘America hacked itself to blame Beijing’
Russia’s first autonomous humanoid robot staggers and falls on debut
Go home, comrade clanker, you look drunk – and worryingly angry
VLC's keeper of the cone nets European free software gong
Jean-Baptiste Kempf lauded for keeping the media player free of crapware
STORIES
Former FinWise employee may have accessed nearly 700K customer records
Bank says incident went undetected for over a year before discovery in June
Cyber-crime15 Sep 2025 | 4
Nork snoops whip up fake South Korean military ID with help from ChatGPT
Kimsuky gang proves that with the right wording, you can turn generative AI into a counterfeit factory
AI + ML15 Sep 2025 | 9
Jaguar Land Rover supply chain workers must get Covid-style support, says union
As post-cyberattack layoffs begin, labor org argues UK goverment should step in
Cybersecurity Month15 Sep 2025 | 56
No gains, just pains as 1.6M fitness phone call recordings exposed online
Exclusive HelloGym's data security clearly skipped leg day
Cyber-crime09 Sep 2025 | 7
PACER buckles under MFA rollout as courts warn of support delays
Busy lawyers on hold for five hours as staff handhold users into deploying the security measure
Cyber-crime08 Sep 2025 | 16
UK government dragged for incomplete security reforms after Afghan leak fallout
Senior officials summoned to science and tech committee to explain further
CSO29 Aug 2025 | 25
Law firm email blunder exposes Church of England abuse victim details
Apology issued after names tied to redress scheme revealed in mass mailing
CSO28 Aug 2025 | 25
US spy chief claims UK backed down over Apple backdoor demand
Tulsi Gabbard boasts Washington forced Blighty to drop iPhone encryption fight
CSO19 Aug 2025 | 74
Workday warns of CRM breach after social engineers make off with business contact details
HR SaaS giant insists core systems untouched
CSO18 Aug 2025 | 7
Red teams are safe from robots for now, as AI makes better shield than spear
Black Hat/DEF CON The bad news? The machines, and their operators, are coming on fast
CSO11 Aug 2025 | 4
Deepfake detectors are slowly coming of age, at a time of dire need
DEF CON By video, picture, and voice – the fakers are coming for your money
AI + ML11 Aug 2025 | 6
Ex-White House cyber, counter-terrorism guru: Microsoft considers security an annoyance, not a necessity
Comment Tells The Reg China's ability to p0wn Redmond's wares 'gives me a political aneurysm'
CSO08 Aug 2025 | 40
CISA releases malware analysis for Sharepoint Server attack
Indications of compromise and Sigma rules report for your security scanners amid ongoing 'ToolShell' blitz
CSO07 Aug 2025 |
China says US spies exploited Microsoft Exchange zero-day to steal military info
Spy vs. spy
CSO01 Aug 2025 | 11
Security pros are drowning in threat-intel data and it's making everything more dangerous
Plus, 60% don't have enough analysts to make sense of it
CSO28 Jul 2025 | 17
Phishing platforms, infostealers blamed as identity attacks soar
Get your creds in order or risk BEC, ransomware attacks, orgs warned
CSO07 Jul 2025 |
Supply chain attacks surge with orgs 'flying blind' about dependencies
Who is the third party that does the thing in our thing? Yep. Attacks explode over past year
CSO25 Jun 2025 | 4
Amazon CISO: Iranian hacking crews ‘on high alert’ since Israel attack
Interview Meanwhile, next-gen script kiddies are levelling up faster thanks to agentic AI
CSO18 Jun 2025 | 10
23andMe hit with £2.3M fine after exposing genetic data of millions
Penalty follows year-long probe into flaws that allowed attack to affect so many
CSO17 Jun 2025 | 16
Wanted: Junior cybersecurity staff with 10 years' experience and a PhD
Infosec employers demanding too much from early-career recruits, says ISC2
CSO13 Jun 2025 | 75
Slapped wrists for Financial Conduct Authority staff who emailed work data home
It was one of the offenders' final warning
CSO13 Jun 2025 | 20
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
SentinelOne discovered the campaign when they tried to hit the security vendor's own servers
Research09 Jun 2025 | 17
Your ransomware nightmare just came true – now what?
Feature Don't negotiate unless you must, and if so, drag it out as long as you can
CSO06 Jun 2025 | 40
8,000+ Asus routers popped in 'advanced' mystery botnet plot
No formal attribution made but two separate probes hint at the same suspect
Research29 May 2025 | 10
Ivanti makes dedicated fans of Chinese spies who just can't resist attacking its buggy kit
If it ain't broke?
Datacenter Networking Nexus23 May 2025 | 1
'Ongoing' Ivanti hijack bug exploitation reaches clouds
Nothing like insecure code in security suites
CSO21 May 2025 | 4
Ex-NSA bad-guy hunter listened to Scattered Spider's fake help-desk calls: 'Those guys are good'
INTERVIEW Plus, Co-op tells The Reg: 'we took early and decisive action' to block the crooks
CSO18 May 2025 | 66
Fired US govt workers, Uncle Xi wants you! – to apply for this fake consulting gig
Phony LinkedIn recruitment ads? Groundbreaking
Public Sector16 May 2025 | 27
Socket buys Coana to tell you which security alerts you can ignore
Sometimes, less information is more
Security15 May 2025 |
Snowflake CISO on the power of 'shared destiny' and 'yes and'
interview Lessons learned from last year's security snafu
CSO15 May 2025 | 3
Ivanti patches two zero-days under active attack as intel agency warns customers
Vendor says vulns are linked with 2 mystery open source libraries integrated into EPMM product
Patches14 May 2025 | 1
Go ahead and ignore Patch Tuesday – it might improve your security
No rush, according to Gartner chap who says: 'Nobody has ever out-patched threat actors at scale'
Patches14 May 2025 | 34
Everyone's deploying AI, but no one's securing it – what could go wrong?
CYBERUK Crickets as senior security folk asked about risks at NCSC conference
CSO14 May 2025 | 22
Ransomware scum have put a target on the no man's land between IT and operations
Defenses are weaker, and victims are more likely to pay, SANS warns
CSO14 May 2025 | 17
Apple patched one first, but Microsoft’s blasted five exploited flaws this Pa-Tu
Patch Tuesday Plus: All the fun and frolic of fixes from Adobe, SAP, Ivanti
Patches14 May 2025 | 3
Britain's cyber agents and industry clash over how to tackle shoddy software
CYBERUK Providers argue that if end users prioritized security, they'd get it
CSO12 May 2025 | 76
Unending ransomware attacks are a symptom, not the sickness
Opinion We need to make taking IT systems 'off the books' a problem for corporate types
Cyber-crime12 May 2025 | 63
PowerSchool paid thieves to delete stolen student, teacher data. Looks like crooks lied
Now individual school districts extorted by fiends
CSO08 May 2025 | 33
After that 2024 Windows fiasco, CrowdStrike has a plan – job cuts, leaning on AI
CEO: Neural net tech 'flattens our hiring curve, helps us innovate'
CSO07 May 2025 | 14
Super spyware maker NSO must pay Meta $168M in WhatsApp court battle
Don't f&#k with Zuck
CSO06 May 2025 | 17
Computacenter IT guy let girlfriend into Deutsche Bank server rooms, says fired whistleblower
What was the plan, showing her his big iron?
AI Infrastructure Month06 May 2025 | 79
RSA Conf wrap: AI and China on everything, everywhere, all at once
RSAC With North Korean IT workers storming the gates, too
Spotlight on RSAC04 May 2025 | 5
Generative AI makes fraud fluent – from phishing lures to fake lovers
RSAC Real-time video deepfakes? Not convincing yet
Spotlight on RSAC02 May 2025 | 5
How Amazon red-teamed Alexa+ to keep your kids from ordering 50 pizzas
RSAC Will the personal assistant shop for groceries? Or get hijacked by a teen?
Spotlight on RSAC01 May 2025 | 35
Ex-NSA cyber-boss: AI will soon be a great exploit coder
RSAC For now it's a potential bug-finder and friend to defenders
Spotlight on RSAC30 Apr 2025 | 13
Ghost in the shell script: Boffins reckon they can catch bugs before programs run
Go ahead, please do Bash static analysis
CSO30 Apr 2025 | 39
Watch out for any Linux malware sneakily evading syscall-watching antivirus
Google dumped io_uring after $1M in bug bounties
CSO29 Apr 2025 | 17
China is using AI to sharpen every link in its attack chain, FBI warns
RSAC Artificial intelligence is helping Beijing's goons break in faster and stay longer
Spotlight on RSAC29 Apr 2025 | 11
Ex-Disney employee gets 3 years in the clink for goofy attacks on mousey menus
Florida man altered allergen info, DoSed former colleagues
Cyber-crime29 Apr 2025 | 15
Cybersecurity CEO accused of running malware on hospital PC blabs about it on LinkedIn
Updated Sometimes, silence is the best option
CSO28 Apr 2025 | 10
How to survive as a CISO aka 'chief scapegoat officer'
RSAC Whistleblowing, email is evidential mail, HR is not your friend, and more discussed by CxO panel
Spotlight on RSAC28 Apr 2025 | 9
Admission impossible: NSA, CISA brass absent from RSA Conf
RSAC Homeland Security boss Noem added as last-minute keynote, mind you
Spotlight on RSAC28 Apr 2025 | 11
Signalgate lessons learned: If creating a culture of security is the goal, America is screwed
Opinion Infosec is a team sport … unless you're in the White House
Public Sector25 Apr 2025 | 98
Amid CVE funding fumble, 'we were mushrooms, kept in the dark,' says board member
What next for US-bankrolled vulnerability tracker? It's edging closer to a more independent, global future
CSO25 Apr 2025 | 17
Emergency patch for potential SAP zero-day that could grant full system control
German software giant paywalls details, but experts piece together the clues
Patches25 Apr 2025 | 2
Darcula adds AI to its DIY phishing kits to help would-be vampires bleed victims dry
Because coding phishing sites from scratch is a real pain in the neck
Cyber-crime25 Apr 2025 | 5
Your vendor may be the weakest link: Percentage of third-party breaches doubled in a year
Cybercriminals are targeting software shops, accountants, lawyers
CSO24 Apr 2025 | 2
Blue Shield says it shared health info on up to 4.7M patients with Google Ads
Tech giants don't need smartphone mics to target adverts – your insurer just gives your data away, anyway
CSO23 Apr 2025 | 25
We’re calling it now: Agentic AI will win RSAC buzzword Bingo
RSAC All aboard the hype train
Spotlight on RSAC23 Apr 2025 | 8
Who needs phishing when your login's already in the wild?
Stolen credentials edge out email tricks for cloud break-ins because they're so easy to get
CSO23 Apr 2025 | 11
America's cyber defenses are being dismantled from the inside
Opinion The CVE system nearly dying shows that someone has lost the plot
CSO23 Apr 2025 | 93
Two CISA officials jump ship, both proud of pushing for Secure by Design software
As cyber-agency faces cuts, makes noises about switching up program
Public Sector22 Apr 2025 | 11
A pot of $250K is now available to ransomware researchers, but it feeds a commercial product
Security bods can earn up to $10K per report
Research22 Apr 2025 | 3
Bug hunter tricked SSL.com into issuing cert for Alibaba Cloud domain in 5 steps
10 other certificates 'were mis-issued and have now been revoked'
CSO22 Apr 2025 | 13
Today's LLMs craft exploits from patches at lightning speed
Erlang? Er, man, no problem. ChatGPT, Claude to go from flaw disclosure to actual attack code in hours
AI Software Development Week21 Apr 2025 | 19
Microsoft rated this bug as low exploitability. Miscreants weaponized it in just 8 days
It's now hitting govt, enterprise targets
CSO21 Apr 2025 | 31
Oracle hopes talk of cloud data theft dies off. CISA just resurrected it for Easter
Some in the infosec world definitely want to see Big Red crucified
CSO18 Apr 2025 | 6
CVE fallout: The splintering of the standard vulnerability tracking system has begun
Comment MITRE, EUVD, GCVE … WTF?
Spotlight on RSAC18 Apr 2025 | 88
Krebs throws himself on the grenade, resigns from SentinelOne after Trump revokes clearances
Illegitimi non carborundum? Nice password, Mr Ex-CISA
Spotlight on RSAC17 Apr 2025 | 69
Whistleblower describes DOGE IT dept rampage at America's labor watchdog
Ignored infosec rules, exfiltrated data … then the mysterious login attempts from a Russian IP address began – claim
CSO17 Apr 2025 | 52
Signalgate chats vanish from CIA chief phone
Extraordinary rendition of data, or just dropped it out of a helicopter?
CSO16 Apr 2025 | 22
CVE program gets last-minute funding from CISA – and maybe a new home
Uncertainty is the new certainty
CSO16 Apr 2025 | 32
Guess what happens when ransomware fiends find 'insurance' 'policy' in your files
It involves a number close to three or six depending on the pickle you're in
Spotlight on RSAC16 Apr 2025 | 20
Uncle Sam kills funding for CVE program. Yes, that CVE program
Updated Because vulnerability management has nothing to do with national security, right?
CSO16 Apr 2025 | 178
All right, you can have one: DOGE access to Treasury IT OK'd judge
Login green-lit for lone staffer if he’s trained, papered up, won’t pull an Elez
Public Sector15 Apr 2025 | 18
New SSL/TLS certs to each live no longer than 47 days by 2029
IT admins, get ready to grumble
CSO14 Apr 2025 | 126
Hacktivism resurges – but don't be fooled, it's often state-backed goons in masks
Feature Military units, government nerds appear to join the fray, with physical infra in sights
CSO13 Apr 2025 | 7
LLMs can't stop making up software dependencies and sabotaging everything
Hallucinated package names fuel 'slopsquatting'
AI Software Development Week12 Apr 2025 | 98
Infosec experts fear China could retaliate against tariffs with a Typhoon attack
World War Fee Scammers are already cashing in with fake invoices for import costs
CSO10 Apr 2025 | 31
Trump kills clearances for infosec's SentinelOne, ex-CISA boss Chris Krebs
Updated Alleges cybersecurity agency was ‘weaponized’ to suppress debunked theories
Public Sector10 Apr 2025 | 108
Biting the hand that feeds IT
