Attackers pwn charter airline helping Trump's deportation campaign Intruders claim they stole GlobalX's flight records and manifests Cyber-crime12 May 2025 | 24
Britain's cyber agents and industry clash over how to tackle shoddy software CYBERUK Providers argue that if end users prioritized security, they'd get it CSO12 May 2025 | 33
Unending ransomware attacks are a symptom, not the sickness Opinion We need to make taking IT systems 'off the books' a problem for corporate types Cyber-crime12 May 2025 | 41
You think ransomware is bad now? Wait until it infects CPUs RSAC Rapid7 threat hunter wrote a PoC. No, he's not releasing it Research11 May 2025 | 54
Feds disrupt proxy-for-hire botnet, indict four alleged net miscreants The FBI also issued a list of end-of-life routers you need to replace Cyber-crime10 May 2025 | 10
VC behemoth Insight Partners fears top-secret financial info swiped by cyber-miscreants Weapons-grade fuel for fraud Cyber-crime09 May 2025 | 8
PowerSchool paid thieves to delete stolen student, teacher data. Looks like crooks lied Now individual school districts extorted by fiends CSO08 May 2025 | 31
Disney Slack attack wasn't Russian protesters, just a Cali dude with malware 25-year-old fella pleads guilty to stealing, dumping 1.1TB of data from the House of Mouse Cyber-crime02 May 2025 | 18
Generative AI makes fraud fluent – from phishing lures to fake lovers RSAC Real-time video deepfakes? Not convincing yet Spotlight on RSAC02 May 2025 | 5
British govt agents step in as Harrods becomes third mega retailer under cyberattack Experts suggest the obvious: There is an ongoing coordinated attack on UK retail sector Cyber-crime02 May 2025 | 142
Healthcare group Ascension discloses second cyberattack on patients' data This time criminals targeted partner’s third-party software Cyber-crime01 May 2025 | 1
Data watchdog will leave British Library alone – further probes 'not worth our time' No MFA? No problem – as long as you show you’ve learned your lesson Cyber-crime01 May 2025 | 7
Maryland man pleads guilty to outsourcing US govt work to North Korean dev in China Feds say $970K scheme defrauded 13+ companies Cyber-crime30 Apr 2025 | 10
China now America's number one cyber threat – US must get up to speed RSAC Former Rear Admiral calls for National Guard online deployment and corporates to be held accountable Spotlight on RSAC29 Apr 2025 | 22
The one interview question that will protect you from North Korean fake workers RSAC FBI and others list how to spot NK infiltrators, but AI will make it harder Spotlight on RSAC29 Apr 2025 | 94
Ex-Disney employee gets 3 years in the clink for goofy attacks on mousey menus Florida man altered allergen info, DoSed former colleagues Cyber-crime29 Apr 2025 | 15
From 112K to 4M folks' data – HR biz attack goes from bad to mega bad It took a 1 year+ probe, plenty of client calls for VeriSource to understand just how much of a yikes it has on its hands Cyber-crime28 Apr 2025 | 7
M&S stops online orders as 'cyber incident' issues worsen One step forward and one step back as earlier hopes of progress dashed by latest update Cyber-crime25 Apr 2025 | 21
Darcula adds AI to its DIY phishing kits to help would-be vampires bleed victims dry Because coding phishing sites from scratch is a real pain in the neck Cyber-crime25 Apr 2025 | 5
SSNs and more on 5.5M+ patients feared stolen from Yale Health At least it wasn't Harvard Cyber-crime24 Apr 2025 | 5
US Copyright Office found AI companies sometimes breach copyright. Next day its boss was fired Some see an action to benefit Elon. The White House sees an agency obsessed with DEI
You think ransomware is bad now? Wait until it infects CPUs RSAC Rapid7 threat hunter wrote a PoC. No, he's not releasing it
Unending ransomware attacks are a symptom, not the sickness Opinion We need to make taking IT systems 'off the books' a problem for corporate types
DOGE worker's old creds found exposed in infostealer malware dumps Infosec in brief PLUS: Celsius scammer sent to slammer; Death-by-hacking victim warns you're never safe; and more
Paul McCartney, Elton John, other creatives demand AI comes clean on scraping Musicians, artists, writers, actors urge government to protect copyright
So your [expletive] test failed. So [obscene participle] what? Who, Me? It was acceptable in the '80s
Britain's cyber agents and industry clash over how to tackle shoddy software CYBERUK Providers argue that if end users prioritized security, they'd get it
LegoGPT is here to make your blocky dreams come true As long as those fit into a 20 x 20 x 20 grid and can be built from 8 basic bricks
OS-busting bug so bad that Microsoft blocks Windows Insider release Canary fans told it hurts functionality to the point that it makes 'using your PC to do even basic things difficult'
TikTok's Chinese app - Douyin - in trouble after spat over the price of jade Asia In Brief PLUS: Huawei's Windows-free PC appears; Robo-car rentals come to China; Europe, India, collab in space; and more
M&S takes systems offline as 'cyber incident' lingers Customers told to expect further delays as contactless payments still down Cyber-crime24 Apr 2025 | 12
Ransomware scum and other crims bilked victims out of a 'staggering' $16.6B last year, says FBI Biggest threat to America's critical infrastructure? Ransomware Cyber-crime24 Apr 2025 | 7
Ripple NPM supply chain attack hunts for private keys A mystery thief and a critical CVE involved in crypto cash grab Cyber-crime23 Apr 2025 | 4
This is not just any 'cyber incident' … this is an M&S 'cyber incident' Retailer tight-lipped on details as digital hiccup disrupts customer orders Cyber-crime22 Apr 2025 | 36
UN says Asian scam call center epidemic expanding globally amid political heat What used to be a serious issue mainly in Southeast Asia is now the world’s problem Cyber-crime22 Apr 2025 | 14
Russians lure European diplomats into malware trap with wine-tasting invite Vintage phishing varietal has improved with age Cyber-crime16 Apr 2025 | 14
Guess what happens when ransomware fiends find 'insurance' 'policy' in your files It involves a number close to three or six depending on the pickle you're in Spotlight on RSAC16 Apr 2025 | 20
Now 1.6M people had SSNs, life chapter and verse stolen from insurance IT biz 800K? Make that double, and we'll need a double, too, for the pain Cyber-crime15 Apr 2025 | 16
4chan, the 'internet’s litter box,' appears to have been pillaged by rival forum Source code, moderator info, IP addresses, more allegedly swiped and leaked Cyber-crime15 Apr 2025 | 33
China names alleged US snoops over Asian Winter Games attacks Beijing claims NSA went for gold in offensive cyber, got caught in the act Cyber-crime15 Apr 2025 | 6
Where it Hertz: Customer data driven off in Cleo attacks Car hire biz takes your privacy seriously, though Cyber-crime15 Apr 2025 | 7
Hacktivism resurges – but don't be fooled, it's often state-backed goons in masks Feature Military units, government nerds appear to join the fray, with physical infra in sights CSO13 Apr 2025 | 7
Ransomware crims hammering UK more than ever as British techies complain the board just doesn't get it Issues at the very top continue to worsen Cyber-crime11 Apr 2025 | 13
US sensor giant Sensata admits ransomware derailed ops Props for the transparency though Cyber-crime10 Apr 2025 | 4
Europol: Five pay-per-infect suspects cuffed, some spill secrets to cops Officials teased more details to come later this year Cyber-crime10 Apr 2025 |
The Reg translates the letter in which Oracle kinda-sorta tells customers it was pwned TL;DR: Move along, still nothing to see here - an idea that leaves infosec pros aghast Cyber-crime10 Apr 2025 | 27
Someone compromised US bank watchdog to access sensitive financial files OCC mum on who broke into email, but Treasury fingered China in similar hack months ago Cyber-crime09 Apr 2025 | 5
Pharmacist accused of using webcams to spy on women in intimate moments at work, home Lawsuit claims sick cyber-voyeurism went undetected for years, using hundreds of PCs, due to lax infosec Cyber-crime09 Apr 2025 | 23
Bad luck, Windows 10 users. No fix yet for ransomware-exploited bug Patch Tuesday A novel way to encourage upgrades? Microsoft would never stoop so low Patches08 Apr 2025 | 14
Oracle says its cloud was in fact compromised Reliability, honesty, accuracy. And then there's this lot PaaS + IaaS08 Apr 2025 | 37
That massive GitHub supply chain attack? It all started with a stolen SpotBugs token But this mystery isn't over yet, Unit 42 opines Devops07 Apr 2025 | 7
Alleged Scattered Spider SIM-swapper must pay back $13.2M to 59 victims Crummy OPSEC leads to potentially decades in prison Cyber-crime07 Apr 2025 | 1
Ex-ASML, NXP staffer accused of stealing chip secrets, peddling them to Moscow We're not Putin up with this alleged industrial espionage, say the Dutch Cyber-crime04 Apr 2025 | 5
Retirement funds reportedly raided after unexplained portal probes and data theft Australians checking their pensions are melting down call centers and websites Cyber-crime04 Apr 2025 | 9
Suspected Chinese spies right now hijacking buggy Ivanti gear – for third time in 3 years Simple denial-of-service blunder turned out to be remote unauth code exec disaster Cyber-crime03 Apr 2025 | 3
Why is someone mass-scanning Juniper and Palo Alto Networks products? Updated Espionage? Botnets? Trying to exploit a zero-day? Networks03 Apr 2025 | 11
Customer info allegedly stolen from compromised supplier of Royal Mail, Samsung Updated Stamp it out: Infostealer malware at German outfit may be culprit Cyber-crime03 Apr 2025 | 10
Crimelords at Hunters International tell lackeys ransomware too 'risky' Bosses say theft now the name of the game with a shift in tactics, apparent branding Cyber-crime02 Apr 2025 | 6
For healthcare orgs, DR means making sure docs can save lives during ransomware infections Organizational, technological resilience combined defeat the disease that is cybercrime Disaster Recovery Week02 Apr 2025 | 6
North Korea’s fake tech workers now targeting European employers With help from UK operatives, because it’s getting tougher to run the scam in the USA Cyber-crime02 Apr 2025 | 16
UK threatens £100K-a-day fines under new cyber bill Tech secretary reveals landmark legislation's full details for first time Cyber-crime01 Apr 2025 | 44
CISA spots spawn of Spawn malware targeting Ivanti flaw Resurge an apt name for malware targeting hardware maker that has security bug after security bug Cyber-crime01 Apr 2025 | 1
Oracle Cloud security SNAFU latest: IT giant accused of pedantry as evidence scrubbed 1990s incident response in 2025 PaaS + IaaS31 Mar 2025 | 8
Check Point confirms breach, but says it was 'old' data and crook made 'false' claims Explanation leaves a 'lot of questions unanswered,' says infosec researcher Cyber-crime31 Mar 2025 | 4
Cyber-crew claims it cracked American cableco, releases terrible music video to prove it WOW! DID! SOMEONE! REALLY! STEAL! DATA! ON! 400K! USERS?! Cyber-crime28 Mar 2025 | 7
Ransomwared NHS software supplier nabs £3M discount from ICO for good behavior Data stolen included checklist for medics on how to get into vulnerable people's homes Cyber-crime27 Mar 2025 | 3
Files stolen from NSW court system, including restraining orders for violence Victims' details at risk after criminals download 9,000 files from court database Cyber-crime26 Mar 2025 | 2
There are 10,000 reasons to doubt Oracle Cloud's security breach denial Customers come forward claiming info was swiped from prod Cyber-crime25 Mar 2025 | 43
Infosec pro Troy Hunt HasBeenPwned in Mailchimp phish 16,000 stolen records pertain to former and active mail subscribers Cyber-crime25 Mar 2025 | 37
VanHelsing ransomware emerges to put a stake through your Windows heart There's only one rule – don't attack Russia, duh Research25 Mar 2025 | 7
Hm, why are so many DrayTek routers stuck in a bootloop? Time to update your firmware, if you can, to one with the security fixes, cough cough Cyber-crime25 Mar 2025 | 58
23andMe's genes not strong enough to avoid Chapter 11 CEO steps down after multiple failed attempts to take the DNA testing company private Cyber-crime24 Mar 2025 | 46
Oracle Cloud says it's not true someone broke into its login servers and stole data Despite evidence to the contrary as alleged pilfered info goes on sale Cyber-crime23 Mar 2025 | 29
AdTech CEO whose products detected fraud jailed for financial fraud Made up revenue and pretended to use non-existent data Cyber-crime21 Mar 2025 | 9
Capital One cracker could be sent back to prison after judges rule she got off too lightly Feds want book thrown at Paige Thompson, who pinched 100M customer records Cyber-crime21 Mar 2025 | 18
Attackers swipe data of 500k+ people from Pennsylvania teachers union SSNs, payment details, and health info too Cyber-crime19 Mar 2025 | 3
Names, bank info, and more spills from top sperm bank Cyber-crime is officially getting out of hand Bootnotes19 Mar 2025 | 17
Extortion crew threatened to inform Edward Snowden (?!) if victim didn't pay up Don't laugh. This kind of warning shows crims are getting desperate Cyber-crime18 Mar 2025 | 13
'Dead simple' hijacking hole in Apache Tomcat 'now actively exploited in the wild' Updated One PUT request, one poisoned session file, and the server’s yours CSO18 Mar 2025 | 8
GitHub supply chain attack spills secrets from 23,000 projects Large organizations among those cleaning up the mess Cyber-crime17 Mar 2025 | 34
New kids on the ransomware block channel Lockbit to raid Fortinet firewalls It's March already and you haven't patched? Cyber-crime14 Mar 2025 |
Medusa ransomware affiliate tried triple extortion scam – up from the usual double demand Feds warn gang still rampant and now cracked 300+ victims around the world Cyber-crime13 Mar 2025 | 4
Expired Juniper routers find new life – as Chinese spy hubs Fewer than 10 known victims, but Mandiant suspects others compromised, too Cyber-crime12 Mar 2025 | 5
This is the FBI, open up. China's Volt Typhoon is on your network Power utility GM talks to El Reg about getting that call and what happened next Cyber-crime12 Mar 2025 | 20
FTC's $25.5M scam refund treats victims to $34 each Oh wow, just look at all the scary stuff in your Windows Event Viewer Cyber-crime11 Mar 2025 | 12
Rhysida pwns two US healthcare orgs, extracts over 300K patients' data Terabytes of sensitive info remain available for download Cyber-crime10 Mar 2025 | 3
Uncle Sam charges alleged Garantex admins after crypto-exchange web seizures $96B in transactions, some even labeled 'dirty funds,' since 2019, say prosecutors Ransomware in Focus07 Mar 2025 | 4
Alleged cyber scalpers Swiftly cuffed over $635K Taylor ticket heist I knew you were trouble, Queens DA might have said Cyber-crime07 Mar 2025 | 4
Like whitebox servers, rent-a-crew crime 'affiliates' have commoditized ransomware Interview Which is why taking down chiefs and infra behind big name brand operations isn't working Ransomware in Focus07 Mar 2025 | 2
The Badbox botnet is back, powered by up to a million backdoored Androids Best not to buy cheap hardware and use third-party app stores if you want to stay clear of this vast ad fraud effort Cyber-crime07 Mar 2025 | 10
International cops seize ransomware crooks' favorite Russian crypto exchange Updated Did US Secret Service not get the memo, or? Ransomware in Focus06 Mar 2025 | 12
Toronto Zoo ransomware crooks snatch decades of visitor data Akira really wasn't horsing around with this one Ransomware in Focus06 Mar 2025 | 12
Up to $75M needed to fix up rural hospital cybersecurity as ransomware gangs keep scratching at the door Attacks strike, facilities go bust, patients die. But it's preventable Ransomware in Focus06 Mar 2025 | 8
Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks Xi's freelance infosec warriors apparently paid up to $75K to crack a single American inbox Cyber-crime06 Mar 2025 | 4
Leeds United kick card swipers into Row Z after 5-day cyberattack English football club offers apologies after fans' card details stolen from online retail store Cyber-crime05 Mar 2025 | 6
Qilin ransomware gang boasts of cyberattacks on cancer clinic, Ob-Gyn facility 'No regrets' crew continues extorting victims, leaking highly sensitive data Ransomware in Focus05 Mar 2025 | 2
Ransomware thugs threaten Tata Technologies with leak if demands not met Hunters International ready to off-shore 1.4 TB of info allegedly swiped from Indian giant Ransomware in Focus05 Mar 2025 | 4
It's bad enough we have to turn on cams for meetings, now the person staring at you may be an AI deepfake Says the biz trying to sell us stuff to catch that, admittedly AI + ML04 Mar 2025 | 18
Polish space agency confirms cyberattack Officials vow to uncover who was behind it Ransomware in Focus03 Mar 2025 | 4
Governments can't seem to stop asking for secret backdoors Opinion Cut off one head and 100 grow back? Decapitation may not be the way to go Cyber-crime03 Mar 2025 | 126
Microsoft names alleged credential-snatching 'Azure Abuse Enterprise' operators Crew helped lowlifes generate X-rated celeb deepfakes using Redmond's OpenAI-powered cloud – claim AI + ML28 Feb 2025 | 3
Feds: Army soldier suspected of AT&T heist Googled ‘can hacking be treason,’ ‘defecting to Russia’ FYI: What NOT to search after committing a crime Cyber-crime27 Feb 2025 | 35
FBI officially fingers North Korea for $1.5B Bybit crypto-burglary Federal agents, open up ... your browsers and see if you recognize any of these wallets Cyber-crime27 Feb 2025 | 22
With millions upon millions of victims, scale of unstoppable info-stealer malware laid bare 244M purloined passwords added to Have I Been Pwned thanks to govt tip-off Cyber-crime26 Feb 2025 | 10
Bybit declares war on North Korea's Lazarus crime-ring to regain $1.5B stolen from wallet Up to $140M in bounty rewards for return of Ethereum allegedly pilfered by hermit nation Cyber-crime26 Feb 2025 | 14
Drug-screening biz DISA took a year to disclose security breach affecting millions If there's something nasty on your employment record, extortion scum could come calling Cyber-crime26 Feb 2025 | 5
Xi know what you did last summer: China was all up in Republicans' email, says book Of course, Microsoft is in the mix, isn't it Cyber-crime25 Feb 2025 | 29
Southern Water takes the fifth over alleged $750K Black Basta ransom offer Leaked chats and spilled secrets as AI helps decode circa 200K private talks Ransomware in Focus25 Feb 2025 | 31
US Dept of Housing screens sabotaged to show deepfake of Trump sucking Elon's toes 'Appropriate action will be taken,' we're told – as federal HR email sparks uproar, ax falls on CISA staff Public Sector24 Feb 2025 | 133
Experts race to extract intel from Black Basta internal chat leaks Researchers say there's dissent in the ranks. Plus: An AI tool lets you have a go yourself at analysing the data Ransomware in Focus21 Feb 2025 | 3