Security News • The Register

Four REvil ransomware crooks walk free, escape gulag fate, after admitting guilt

Russian judge lets off accused with time served – but others who refused to plead guilty face years in penal colony

Cyber-crime24 Jun 2025 | 9

Psylo browser tries to obscure digital fingerprints by giving every tab its own IP address

Gotta keep 'em separated so the marketers and snoops can't come out and play

Software24 Jun 2025 | 37

Typhoon-like gang slinging TLS certificate 'signed' by the Los Angeles Police Department

Chinese crew built 1,000+ device network that runs on home devices then targets critical infrastructure

Security23 Jun 2025 | 11

Former US Army Sergeant pleads guilty after amateurish attempt at selling secrets to China

Infosec in brief PLUS: 5.4M healthcare records leak; AI makes Spam harder to spot; Many nasty Linux vulns; and more

Security23 Jun 2025 | 7

Netflix, Apple, BofA websites hijacked with fake help-desk numbers

Don’t trust mystery digits popping up in your search bar

Cyber-crime20 Jun 2025 | 14

Looks like Aflac is the latest insurance giant snagged in Scattered Spider’s web

If it looks like a duck and walks like a duck...

Cyber-crime20 Jun 2025 | 5

Qilin ransomware top dogs treat their minions to on-call lawyers for fierier negotiations

It's a marketing move to lure more affiliates, says infosec veteran

Cyber-crime20 Jun 2025 | 4

Attack on Oxford City Council exposes 21 years of election worker data

Services coming back online after legacy systems compromised

Cyber-crime20 Jun 2025 | 24

Boffins devise voice-altering tech to jam 'vishing' schemes

To stop AI scam callers, break automatic speech recognition systems

Research19 Jun 2025 | 38

Uncle Sam seeks time in tower dump data grab case after judge calls it 'unconstitutional'

Feds told they can't demand a haystack to find a needle

Cyber-crime19 Jun 2025 | 17

Glazed and confused: Hole lotta highly sensitive data nicked from Krispy Kreme

Experts note 'major red flags' in donut giant's security as 161,676 staff and families informed of attack details

Cyber-crime19 Jun 2025 | 48

UK gov asks university boffins to pinpoint cyber growth areas where it should splash cash

Good to see government that values its academics (cough cough). Plus: New board criticized for lacking 'ops' people

Public Sector19 Jun 2025 | 11

Sneaky Serpentine#Cloud slithers through Cloudflare tunnels to inject orgs with Python-based malware

Phishing, Python and RATs, oh my

Cyber-crime19 Jun 2025 | 2

Iran’s internet goes offline for hours amid claims of ‘enemy abuse’

Bank and crypto outfits hit after Israeli commander mentioned attacks expanding to ‘other areas’

Public Sector19 Jun 2025 | 13

Minecraft cheaters never win ... but they may get malware

Infostealers posing as popular cheat tools are cropping up on GitHub

Cyber-crime18 Jun 2025 | 7

Asana's cutting-edge AI feature ran into a little data leakage problem

New MCP server was shut down for nearly two weeks

Security18 Jun 2025 | 2

Veeam patches third critical RCE bug in Backup & Replication in space of a year

Version 13 can’t come soon enough

Patches18 Jun 2025 | 1

How to bridge the MFA gap

If a credential is worth protecting, it's worth protecting well.

Amazon CISO: Iranian hacking crews ‘on high alert’ since Israel attack

Interview Meanwhile, next-gen script kiddies are levelling up faster thanks to agentic AI

CSO18 Jun 2025 | 10

Trump administration set to waive TikTok sell-or-die deadline for a third time

Quick reminder: The law that banned the app is called ‘Protecting Americans from Foreign Adversary Controlled Applications Act’

Public Sector18 Jun 2025 | 46

AWS locks down cloud security, hits 100% MFA enforcement for root users

Plus adds a ton more security capabilities for cloud customers at re:Inforce

Security17 Jun 2025 | 1

Sitecore CMS flaw let attackers brute-force 'b' for backdoor

Hardcoded passwords and path traversals keeping bug hunters in work

Patches17 Jun 2025 | 5

Redefining identity security in the age of agentic AI

Now AI agents have identity, too. Here's how to handle it

Partner content

23andMe hit with £2.3M fine after exposing genetic data of millions

Penalty follows year-long probe into flaws that allowed attack to affect so many

CSO17 Jun 2025 | 16

Scattered Spider has moved from retail to insurance

Google threat analysts warn the team behind the Marks & Spencer break-in has moved on

Cyber-crime16 Jun 2025 | 1

Remorseless extortionists claim to have stolen thousands of files from Freedman HealthCare

UPDATED The group has previously threatened to SWAT cancer patients and leaked pre-op plastic surgery photos

Cyber-crime16 Jun 2025 |

Canada's WestJet says 'expect interruptions' online as it navigates cybersecurity turbulence

updated Flights still flying - just don't count on the app or website working smoothly

Security16 Jun 2025 | 1

Eurocops arrest suspected Archetyp admin, shut down mega dark web drug shop

Marketplace as big as Silk Road had more than 600k users and turnover of 'at least' €250M

Security16 Jun 2025 | 9

Salesforce study finds LLM agents flunk CRM and confidentiality tests

6-in-10 success rate for single-step tasks

AI + ML16 Jun 2025 | 55

Microsoft adds export option to Windows Recall in Europe

Updated But lose your code and it's gone for good

OSes16 Jun 2025 | 19

Spy school dropout: GCHQ intern jailed for swiping classified data

Student 'believed he could finish' software dev 'project alone and therefore that the rules did not apply to him'

Security16 Jun 2025 | 117

How collaborative security can build you a better business

Getting employees on board can do more than prevent breaches; it can send profitability soaring

Armored cash transport trucks allegedly hauled money for $190 million crypto-laundering scheme

Asia In Brief PLUS: APNIC completes re-org; India cuts costs for chipmakers; Infosys tax probe ends; and more

Cyber-crime16 Jun 2025 | 3

Dems demand audit of CVE program as Federal funding remains uncertain

Infosec In Brief PLUS: Discord invite links may not be safe; Miscreants find new way to hide malicious JavaScript; and more!

Security15 Jun 2025 | 5

Cyber weapons in the Israel-Iran conflict may hit the US

With Tehran’s military weakened, digital retaliation likely, experts tell The Reg

Security13 Jun 2025 | 28

Do you trust Xi with your 'private' browsing data? Apple, Google stores still offer China-based VPNs, report says

Some trace back to an outfit under US export controls for alleged PLA links

Research13 Jun 2025 | 33

Apple fixes zero-click exploit underpinning Paragon spyware attacks

Zero-day potentially tied to around 100 suspected infections in 2025 and a spyware scandal on the continent

Security13 Jun 2025 | 18

Wanted: Junior cybersecurity staff with 10 years' experience and a PhD

Infosec employers demanding too much from early-career recruits, says ISC2

CSO13 Jun 2025 | 75

Slapped wrists for Financial Conduct Authority staff who emailed work data home

It was one of the offenders' final warning

CSO13 Jun 2025 | 20

Ransomware scum disrupted utility services with SimpleHelp attacks

Good news: The vendor patched the flaw in January. Bad news: Not everyone got the memo

Cyber-crime12 Jun 2025 | 1

'Major compromise' at NHS temping arm exposed gaping security holes

Exclusive Incident responders suggested sweeping improvements following Active Directory database heist

Cyber-crime12 Jun 2025 | 18

DeepSeek installer or just malware in disguise? Click around and find out

'BrowserVenom' is pure poison

Cyber-crime11 Jun 2025 | 5

Hire me! To drop malware on your computer

FIN6 moves from point-of-sale compromise to phishing recruiters

Cyber-crime11 Jun 2025 | 3

Salesforce tags 5 CVEs after SaaS security probe uncovers misconfig risks

The 16 other flagged issues are on customers, says CRM giant

Research11 Jun 2025 |

Asia dismantles 20,000 malicious domains in infostealer crackdown

Interpol coordinates operation, nabs 32 across Vietnam, Sri Lanka, and Nauru

Cyber-crime11 Jun 2025 | 4

Analysis to action: Operationalizing your threat intelligence

Timing is everything in the war against ransomware thieves, says Prelude Security

Partner content

Microsoft slows Windows 11 24H2 Patch Tuesday due to a 'compatibility issue'

updated On your marks, get set... bork!

Patches11 Jun 2025 | 50

CISO who helped unmask Badbox warns: Version 3 is coming

The botnet’s still alive and evolving

Cyber-crime11 Jun 2025 |

Microsoft warns of 66 flaws to fix for this Patch Tuesday, and two are under active attack

Patch Tuesday Stealthy Falcon swoops on WebDAV and Redmond's even patching IE!

Patches10 Jun 2025 |

Texas warns 300,000 crash reports siphoned via compromised user account

Lone Star State drivers with accident records need to be careful about fraud

Cyber-crime10 Jun 2025 | 5

Critical Wazuh bug exploited in growing Mirai botnet infection

The open-source XDR/SIEM provider’s servers are in other botnets’ crosshairs too

Research10 Jun 2025 |

Winning the war on ransomware with AI: Four real-world use cases

AI is your secret weapon against ransomware crooks. Here's how to use it

Partner Content

Trump guts digital ID rules, claims they help 'illegal aliens' commit fraud

Also axes secure software mandates - optional is the new secure, apparently

Security10 Jun 2025 | 67

Cloud brute-force attack cracks Google users' phone numbers in minutes

Chocolate Factory fixes issue, pays only $5K

Security10 Jun 2025 | 7

M&S online ordering system operational 46 days after cyber shutdown

A milestone in cyberattack recovery – but deliveries will take a while and normal service not yet back

Cyber-crime10 Jun 2025 | 18

Peep show: 40K IoT cameras worldwide stream secrets to anyone with a browser

Majority of exposures located in the US, including datacenters, healthcare facilities, factories, and more

Research10 Jun 2025 | 59

Apple tries to contain itself with lightweight Linux VMs for macOS

Swift-based containerization framework aims to improve performance and security

Virtualization10 Jun 2025 | 22

Topics

Special Features

Vendor Voice

Resources

Security

Four REvil ransomware crooks walk free, escape gulag fate, after admitting guilt

Psylo browser tries to obscure digital fingerprints by giving every tab its own IP address

Typhoon-like gang slinging TLS certificate 'signed' by the Los Angeles Police Department

Iran cyberattacks against US biz more likely following air strikes

Second attack on McLaren Health Care in a year affects 743k people

Experts count staggering costs incurred by UK retail amid cyberattack hell

Former US Army Sergeant pleads guilty after amateurish attempt at selling secrets to China

Netflix, Apple, BofA websites hijacked with fake help-desk numbers

Looks like Aflac is the latest insurance giant snagged in Scattered Spider’s web

Qilin ransomware top dogs treat their minions to on-call lawyers for fierier negotiations

Attack on Oxford City Council exposes 21 years of election worker data

Boffins devise voice-altering tech to jam 'vishing' schemes

Uncle Sam seeks time in tower dump data grab case after judge calls it 'unconstitutional'

Glazed and confused: Hole lotta highly sensitive data nicked from Krispy Kreme

UK gov asks university boffins to pinpoint cyber growth areas where it should splash cash

Sneaky Serpentine#Cloud slithers through Cloudflare tunnels to inject orgs with Python-based malware

Iran’s internet goes offline for hours amid claims of ‘enemy abuse’

Minecraft cheaters never win ... but they may get malware

Asana's cutting-edge AI feature ran into a little data leakage problem

Veeam patches third critical RCE bug in Backup & Replication in space of a year

How to bridge the MFA gap

Amazon CISO: Iranian hacking crews ‘on high alert’ since Israel attack

Trump administration set to waive TikTok sell-or-die deadline for a third time

AWS locks down cloud security, hits 100% MFA enforcement for root users

Sitecore CMS flaw let attackers brute-force 'b' for backdoor

Redefining identity security in the age of agentic AI

23andMe hit with £2.3M fine after exposing genetic data of millions

Scattered Spider has moved from retail to insurance

Remorseless extortionists claim to have stolen thousands of files from Freedman HealthCare

Canada's WestJet says 'expect interruptions' online as it navigates cybersecurity turbulence

Eurocops arrest suspected Archetyp admin, shut down mega dark web drug shop

Salesforce study finds LLM agents flunk CRM and confidentiality tests

Microsoft adds export option to Windows Recall in Europe

Spy school dropout: GCHQ intern jailed for swiping classified data

How collaborative security can build you a better business

Armored cash transport trucks allegedly hauled money for $190 million crypto-laundering scheme

Dems demand audit of CVE program as Federal funding remains uncertain

Cyber weapons in the Israel-Iran conflict may hit the US

Do you trust Xi with your 'private' browsing data? Apple, Google stores still offer China-based VPNs, report says

Apple fixes zero-click exploit underpinning Paragon spyware attacks

Wanted: Junior cybersecurity staff with 10 years' experience and a PhD

Slapped wrists for Financial Conduct Authority staff who emailed work data home

Ransomware scum disrupted utility services with SimpleHelp attacks

'Major compromise' at NHS temping arm exposed gaping security holes

DeepSeek installer or just malware in disguise? Click around and find out

Hire me! To drop malware on your computer

Salesforce tags 5 CVEs after SaaS security probe uncovers misconfig risks

Asia dismantles 20,000 malicious domains in infostealer crackdown

Analysis to action: Operationalizing your threat intelligence

Microsoft slows Windows 11 24H2 Patch Tuesday due to a 'compatibility issue'

CISO who helped unmask Badbox warns: Version 3 is coming

Microsoft warns of 66 flaws to fix for this Patch Tuesday, and two are under active attack

Texas warns 300,000 crash reports siphoned via compromised user account

Critical Wazuh bug exploited in growing Mirai botnet infection

Winning the war on ransomware with AI: Four real-world use cases

Trump guts digital ID rules, claims they help 'illegal aliens' commit fraud

Cloud brute-force attack cracks Google users' phone numbers in minutes

M&S online ordering system operational 46 days after cyber shutdown

Peep show: 40K IoT cameras worldwide stream secrets to anyone with a browser

Apple tries to contain itself with lightweight Linux VMs for macOS

About Us

Our Websites

Your Privacy