M&S stops online orders as 'cyber incident' issues worsen One step forward and one step back as earlier hopes of progress dashed by latest update Cyber-crime25 Apr 2025 | 15
Darcula adds AI to its DIY phishing kits to help would-be vampires bleed victims dry Because coding phishing sites from scratch is a real pain in the neck Cyber-crime25 Apr 2025 | 4
SSNs and more on 5.5M+ patients feared stolen from Yale Health At least it wasn't Harvard Cyber-crime24 Apr 2025 | 5
M&S takes systems offline as 'cyber incident' lingers Customers told to expect further delays as contactless payments still down Cyber-crime24 Apr 2025 | 12
Ransomware scum and other crims bilked victims out of a 'staggering' $16.6B last year, says FBI Biggest threat to America's critical infrastructure? Ransomware Cyber-crime24 Apr 2025 | 7
Ripple NPM supply chain attack hunts for private keys A mystery thief and a critical CVE involved in crypto cash grab Cyber-crime23 Apr 2025 | 4
This is not just any 'cyber incident' … this is an M&S 'cyber incident' Retailer tight-lipped on details as digital hiccup disrupts customer orders Cyber-crime22 Apr 2025 | 36
UN says Asian scam call center epidemic expanding globally amid political heat What used to be a serious issue mainly in Southeast Asia is now the world’s problem Cyber-crime22 Apr 2025 | 13
Russians lure European diplomats into malware trap with wine-tasting invite Vintage phishing varietal has improved with age Cyber-crime16 Apr 2025 | 14
Guess what happens when ransomware fiends find 'insurance' 'policy' in your files It involves a number close to three or six depending on the pickle you're in Spotlight on RSAC16 Apr 2025 | 20
Now 1.6M people had SSNs, life chapter and verse stolen from insurance IT biz 800K? Make that double, and we'll need a double, too, for the pain Cyber-crime15 Apr 2025 | 16
4chan, the 'internet’s litter box,' appears to have been pillaged by rival forum Source code, moderator info, IP addresses, more allegedly swiped and leaked Cyber-crime15 Apr 2025 | 33
China names alleged US snoops over Asian Winter Games attacks Beijing claims NSA went for gold in offensive cyber, got caught in the act Cyber-crime15 Apr 2025 | 6
Where it Hertz: Customer data driven off in Cleo attacks Car hire biz takes your privacy seriously, though Cyber-crime15 Apr 2025 | 7
Hacktivism resurges – but don't be fooled, it's often state-backed goons in masks Feature Military units, government nerds appear to join the fray, with physical infra in sights CSO13 Apr 2025 | 7
Ransomware crims hammering UK more than ever as British techies complain the board just doesn't get it Issues at the very top continue to worsen Cyber-crime11 Apr 2025 | 13
US sensor giant Sensata admits ransomware derailed ops Props for the transparency though Cyber-crime10 Apr 2025 | 4
Europol: Five pay-per-infect suspects cuffed, some spill secrets to cops Officials teased more details to come later this year Cyber-crime10 Apr 2025 |
The Reg translates the letter in which Oracle kinda-sorta tells customers it was pwned TL;DR: Move along, still nothing to see here - an idea that leaves infosec pros aghast Cyber-crime10 Apr 2025 | 27
Someone compromised US bank watchdog to access sensitive financial files OCC mum on who broke into email, but Treasury fingered China in similar hack months ago Cyber-crime09 Apr 2025 | 5
Devs sound alarm after Microsoft subtracts C/C++ extension from VS Code forks Cursor, Codium makers lose access as add-on goes exclusive
Ninite to win it: How to rebuild Windows without losing your mind Get a new, clean (maybe suspiciously empty) install up to speed – and keep it there
M&S takes systems offline as 'cyber incident' lingers Customers told to expect further delays as contactless payments still down
Microsoft mystery folder fix might need a fix of its own This one weird trick can stop Windows updates dead in their tracks
Assassin's Creed maker faces GDPR complaint for forcing single-player gamers online Collecting data from solo players is a Far Cry from being necessary, says noyb
Decades-old bug in Grand Theft Auto: San Andreas finally shows itself Something broke on Windows 11 24H2, but dev who discovered it tells El Reg this time Microsoft's not to blame
Qualcomm says license fight was because Arm wants to make its own server chips Alleges semi designer tried to obstruct Qualy's build of Arm-compatible custom cores
Fedora 42 has the Answer, but Ubuntu's Plucky Puffin isn't far behind Watch your partitions – GPT and dual-boot don't always mix
New Intel boss is all about ‘de-laborating’ the x86 giant – aka job cuts Thousands face ax, more given RTO orders in quest to suck less
Pharmacist accused of using webcams to spy on women in intimate moments at work, home Lawsuit claims sick cyber-voyeurism went undetected for years, using hundreds of PCs, due to lax infosec Cyber-crime09 Apr 2025 | 23
Bad luck, Windows 10 users. No fix yet for ransomware-exploited bug Patch Tuesday A novel way to encourage upgrades? Microsoft would never stoop so low Patches08 Apr 2025 | 14
Oracle says its cloud was in fact compromised Reliability, honesty, accuracy. And then there's this lot PaaS + IaaS08 Apr 2025 | 37
That massive GitHub supply chain attack? It all started with a stolen SpotBugs token But this mystery isn't over yet, Unit 42 opines Devops07 Apr 2025 | 7
Alleged Scattered Spider SIM-swapper must pay back $13.2M to 59 victims Crummy OPSEC leads to potentially decades in prison Cyber-crime07 Apr 2025 | 1
Ex-ASML, NXP staffer accused of stealing chip secrets, peddling them to Moscow We're not Putin up with this alleged industrial espionage, say the Dutch Cyber-crime04 Apr 2025 | 5
Retirement funds reportedly raided after unexplained portal probes and data theft Australians checking their pensions are melting down call centers and websites Cyber-crime04 Apr 2025 | 9
Suspected Chinese spies right now hijacking buggy Ivanti gear – for third time in 3 years Simple denial-of-service blunder turned out to be remote unauth code exec disaster Cyber-crime03 Apr 2025 | 3
Why is someone mass-scanning Juniper and Palo Alto Networks products? Updated Espionage? Botnets? Trying to exploit a zero-day? Networks03 Apr 2025 | 11
Customer info allegedly stolen from compromised supplier of Royal Mail, Samsung Updated Stamp it out: Infostealer malware at German outfit may be culprit Cyber-crime03 Apr 2025 | 10
Crimelords at Hunters International tell lackeys ransomware too 'risky' Bosses say theft now the name of the game with a shift in tactics, apparent branding Cyber-crime02 Apr 2025 | 6
For healthcare orgs, DR means making sure docs can save lives during ransomware infections Organizational, technological resilience combined defeat the disease that is cybercrime Disaster Recovery Week02 Apr 2025 | 6
North Korea’s fake tech workers now targeting European employers With help from UK operatives, because it’s getting tougher to run the scam in the USA Cyber-crime02 Apr 2025 | 16
UK threatens £100K-a-day fines under new cyber bill Tech secretary reveals landmark legislation's full details for first time Cyber-crime01 Apr 2025 | 44
CISA spots spawn of Spawn malware targeting Ivanti flaw Resurge an apt name for malware targeting hardware maker that has security bug after security bug Cyber-crime01 Apr 2025 | 1
Oracle Cloud security SNAFU latest: IT giant accused of pedantry as evidence scrubbed 1990s incident response in 2025 PaaS + IaaS31 Mar 2025 | 8
Check Point confirms breach, but says it was 'old' data and crook made 'false' claims Explanation leaves a 'lot of questions unanswered,' says infosec researcher Cyber-crime31 Mar 2025 | 4
Cyber-crew claims it cracked American cableco, releases terrible music video to prove it WOW! DID! SOMEONE! REALLY! STEAL! DATA! ON! 400K! USERS?! Cyber-crime28 Mar 2025 | 7
Ransomwared NHS software supplier nabs £3M discount from ICO for good behavior Data stolen included checklist for medics on how to get into vulnerable people's homes Cyber-crime27 Mar 2025 | 3
Files stolen from NSW court system, including restraining orders for violence Victims' details at risk after criminals download 9,000 files from court database Cyber-crime26 Mar 2025 | 2
There are 10,000 reasons to doubt Oracle Cloud's security breach denial Customers come forward claiming info was swiped from prod Cyber-crime25 Mar 2025 | 43
Infosec pro Troy Hunt HasBeenPwned in Mailchimp phish 16,000 stolen records pertain to former and active mail subscribers Cyber-crime25 Mar 2025 | 37
VanHelsing ransomware emerges to put a stake through your Windows heart There's only one rule – don't attack Russia, duh Research25 Mar 2025 | 7
Hm, why are so many DrayTek routers stuck in a bootloop? Time to update your firmware, if you can, to one with the security fixes, cough cough Cyber-crime25 Mar 2025 | 58
23andMe's genes not strong enough to avoid Chapter 11 CEO steps down after multiple failed attempts to take the DNA testing company private Cyber-crime24 Mar 2025 | 46
Oracle Cloud says it's not true someone broke into its login servers and stole data Despite evidence to the contrary as alleged pilfered info goes on sale Cyber-crime23 Mar 2025 | 29
AdTech CEO whose products detected fraud jailed for financial fraud Made up revenue and pretended to use non-existent data Cyber-crime21 Mar 2025 | 9
Capital One cracker could be sent back to prison after judges rule she got off too lightly Feds want book thrown at Paige Thompson, who pinched 100M customer records Cyber-crime21 Mar 2025 | 18
Attackers swipe data of 500k+ people from Pennsylvania teachers union SSNs, payment details, and health info too Cyber-crime19 Mar 2025 | 3
Names, bank info, and more spills from top sperm bank Cyber-crime is officially getting out of hand Bootnotes19 Mar 2025 | 17
Extortion crew threatened to inform Edward Snowden (?!) if victim didn't pay up Don't laugh. This kind of warning shows crims are getting desperate Cyber-crime18 Mar 2025 | 13
'Dead simple' hijacking hole in Apache Tomcat 'now actively exploited in the wild' Updated One PUT request, one poisoned session file, and the server’s yours CSO18 Mar 2025 | 8
GitHub supply chain attack spills secrets from 23,000 projects Large organizations among those cleaning up the mess Cyber-crime17 Mar 2025 | 34
New kids on the ransomware block channel Lockbit to raid Fortinet firewalls It's March already and you haven't patched? Cyber-crime14 Mar 2025 |
Medusa ransomware affiliate tried triple extortion scam – up from the usual double demand Feds warn gang still rampant and now cracked 300+ victims around the world Cyber-crime13 Mar 2025 | 4
Expired Juniper routers find new life – as Chinese spy hubs Fewer than 10 known victims, but Mandiant suspects others compromised, too Cyber-crime12 Mar 2025 | 5
This is the FBI, open up. China's Volt Typhoon is on your network Power utility GM talks to El Reg about getting that call and what happened next Cyber-crime12 Mar 2025 | 20
FTC's $25.5M scam refund treats victims to $34 each Oh wow, just look at all the scary stuff in your Windows Event Viewer Cyber-crime11 Mar 2025 | 12
Rhysida pwns two US healthcare orgs, extracts over 300K patients' data Terabytes of sensitive info remain available for download Cyber-crime10 Mar 2025 | 3
Uncle Sam charges alleged Garantex admins after crypto-exchange web seizures $96B in transactions, some even labeled 'dirty funds,' since 2019, say prosecutors Ransomware in Focus07 Mar 2025 | 4
Alleged cyber scalpers Swiftly cuffed over $635K Taylor ticket heist I knew you were trouble, Queens DA might have said Cyber-crime07 Mar 2025 | 4
Like whitebox servers, rent-a-crew crime 'affiliates' have commoditized ransomware Interview Which is why taking down chiefs and infra behind big name brand operations isn't working Ransomware in Focus07 Mar 2025 | 2
The Badbox botnet is back, powered by up to a million backdoored Androids Best not to buy cheap hardware and use third-party app stores if you want to stay clear of this vast ad fraud effort Cyber-crime07 Mar 2025 | 10
International cops seize ransomware crooks' favorite Russian crypto exchange Updated Did US Secret Service not get the memo, or? Ransomware in Focus06 Mar 2025 | 12
Toronto Zoo ransomware crooks snatch decades of visitor data Akira really wasn't horsing around with this one Ransomware in Focus06 Mar 2025 | 12
Up to $75M needed to fix up rural hospital cybersecurity as ransomware gangs keep scratching at the door Attacks strike, facilities go bust, patients die. But it's preventable Ransomware in Focus06 Mar 2025 | 8
Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks Xi's freelance infosec warriors apparently paid up to $75K to crack a single American inbox Cyber-crime06 Mar 2025 | 4
Leeds United kick card swipers into Row Z after 5-day cyberattack English football club offers apologies after fans' card details stolen from online retail store Cyber-crime05 Mar 2025 | 6
Qilin ransomware gang boasts of cyberattacks on cancer clinic, Ob-Gyn facility 'No regrets' crew continues extorting victims, leaking highly sensitive data Ransomware in Focus05 Mar 2025 | 2
Ransomware thugs threaten Tata Technologies with leak if demands not met Hunters International ready to off-shore 1.4 TB of info allegedly swiped from Indian giant Ransomware in Focus05 Mar 2025 | 4
It's bad enough we have to turn on cams for meetings, now the person staring at you may be an AI deepfake Says the biz trying to sell us stuff to catch that, admittedly AI + ML04 Mar 2025 | 18
Polish space agency confirms cyberattack Officials vow to uncover who was behind it Ransomware in Focus03 Mar 2025 | 4
Governments can't seem to stop asking for secret backdoors Opinion Cut off one head and 100 grow back? Decapitation may not be the way to go Cyber-crime03 Mar 2025 | 126
Microsoft names alleged credential-snatching 'Azure Abuse Enterprise' operators Crew helped lowlifes generate X-rated celeb deepfakes using Redmond's OpenAI-powered cloud – claim AI + ML28 Feb 2025 | 3
Feds: Army soldier suspected of AT&T heist Googled ‘can hacking be treason,’ ‘defecting to Russia’ FYI: What NOT to search after committing a crime Cyber-crime27 Feb 2025 | 35
FBI officially fingers North Korea for $1.5B Bybit crypto-burglary Federal agents, open up ... your browsers and see if you recognize any of these wallets Cyber-crime27 Feb 2025 | 22
With millions upon millions of victims, scale of unstoppable info-stealer malware laid bare 244M purloined passwords added to Have I Been Pwned thanks to govt tip-off Cyber-crime26 Feb 2025 | 10
Bybit declares war on North Korea's Lazarus crime-ring to regain $1.5B stolen from wallet Up to $140M in bounty rewards for return of Ethereum allegedly pilfered by hermit nation Cyber-crime26 Feb 2025 | 14
Drug-screening biz DISA took a year to disclose security breach affecting millions If there's something nasty on your employment record, extortion scum could come calling Cyber-crime26 Feb 2025 | 5
Xi know what you did last summer: China was all up in Republicans' email, says book Of course, Microsoft is in the mix, isn't it Cyber-crime25 Feb 2025 | 29
Southern Water takes the fifth over alleged $750K Black Basta ransom offer Leaked chats and spilled secrets as AI helps decode circa 200K private talks Ransomware in Focus25 Feb 2025 | 31
US Dept of Housing screens sabotaged to show deepfake of Trump sucking Elon's toes 'Appropriate action will be taken,' we're told – as federal HR email sparks uproar, ax falls on CISA staff Public Sector24 Feb 2025 | 133
Experts race to extract intel from Black Basta internal chat leaks Researchers say there's dissent in the ranks. Plus: An AI tool lets you have a go yourself at analysing the data Ransomware in Focus21 Feb 2025 | 3
Oops, some of our customers' Power Pages-hosted sites were exploited, says Microsoft Don't think this is SaaS and you can relax: Redmond wants a few of you to check your websites Cyber-crime20 Feb 2025 | 4
US minerals company says crooks broke into email and helped themselves to $500K A painful loss for young company that's yet to generate revenue Cyber-crime20 Feb 2025 | 10
Ghost ransomware crew continues to haunt IT depts with scarily bad infosec FBI and CISA issue reminder - deep sigh - about the importance of patching and backups Ransomware in Focus20 Feb 2025 | 7
Medusa ransomware gang demands $2M from UK private health services provider Exclusive 2.3 TB held to ransom as biz formerly known as Virgin Care tells us it's probing IT 'security incident' Cyber-crime20 Feb 2025 | 10
US Army soldier linked to Snowflake extortion rampage admits breaking the law That's the way the cookie melts Cyber-crime20 Feb 2025 |
London celebrity talent agency reports itself to ICO following Rhysida attack claims Showbiz members' passport scans already plastered online Cyber-crime19 Feb 2025 | 2
US newspaper publisher uses linguistic gymnastics to avoid saying its outage was due to ransomware Called it an 'incident' in SEC filing, but encrypted apps and data exfiltration suggest Lee just can’t say the R word Ransomware in Focus18 Feb 2025 | 12
Indian authorities seize loot from collapsed BitConnect crypto scam Devices containing crypto wallets tracked online, then in the real world Cyber-crime18 Feb 2025 | 13
This open text-to-speech model needs just seconds of audio to clone your voice Hands on El Reg shows you how to run Zyphra's speech-replicating AI on your own box AI + ML16 Feb 2025 | 47
If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish Roses aren't cheap, violets are dear, now all your access token are belong to Vladimir CSO15 Feb 2025 | 27
Chinese spies suspected of 'moonlighting' as tawdry ransomware crooks Some employees steal sticky notes, others 'borrow' malicious code Ransomware in Focus14 Feb 2025 | 11
Arizona laptop farmer pleads guilty for funneling $17M to Kim Jong Un 300+ US companies, 70+ individuals hit by the fraudsters Cyber-crime12 Feb 2025 | 20
Ransomware isn't always about the money: Government spies have objectives, too Feature Analysts tell El Reg why Russia's operators aren't that careful, and why North Korea wants money AND data Ransomware in Focus12 Feb 2025 | 6
Crimelords and spies for rogue states are working together, says Google Only lawmakers can stop them. Plus: software needs to be more secure, but what's in it for us? Cyber-crime12 Feb 2025 | 19
Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining These crooks have no chill Ransomware in Focus11 Feb 2025 |
UK, US, Oz blast holes in LockBit's bulletproof hosting provider Zservers Huge if true: Brit Foreign Sec says Putin running a 'corrupt mafia state' Cyber-crime11 Feb 2025 | 41
Man who SIM-swapped the SEC's X account pleads guilty Said to have asked search engine 'What are some signs that the FBI is after you?' Cyber-crime11 Feb 2025 | 9