Category: The Register – Security

Voice phishing is second most common initial access method across all IR probes, and top in cloud break-ins Voice phishing surged last year to become the second most common method used by cybercriminals to gain initial access to their victims’…

Read more →

Claims it can analyze millions of daily events with 98 percent accuracy Google’s Gemini AI agents are crawling the dark web, sifting through upward of 10 million posts a day to find a handful of threats relevant to a particular…

Read more →

Trio-Tech International initially said hack wasn’t ‘material,’ but then stolen data was published Trio-Tech International initially shrugged off a ransomware attack at a Singapore subsidiary as immaterial, only to reverse course days later after discovering stolen data had been disclosed.……

Read more →

Infosec pros descend on San Francisco kettle  When El Reg cybersecurity editor Jessica Lyons joins infosec industry colleagues in San Francisco for RSAC 2026 this week, she’s expecting agentic AI to be on everyone’s lips – at least those who…

Read more →

The era of reliability begins… right after this out-of-band patch Microsoft has released an out-of-band update to resolve bugs introduced by a Windows patch just days after promising improved reliability.… This article has been indexed from The Register – Security…

Read more →

Ukraine’s battlefield lessons show quantity and affordability now trump exquisite hardware NATO is unprepared to deal with attacks by cheap, mass-produced drones and urgently needs layered, affordable air defense systems to counter the threat, taking a cue from the experience…

Read more →

Plus: US takes down Iranian propaganda sites; Marketing company asks ‘Why Do We Have Your Information?’ And more! Infosec In Brief  Russian intelligence-affiliated parties are posing as customer support services on commercial messaging applications such as Signal to compromise accounts…

Read more →

Rust security maintainers contend Nadim Kobeissi’s vulnerability claims are too much Since February, cryptographer Nadim Kobeissi has been trying to get code fixes applied to Rust cryptography libraries to address what he says are critical bugs. For his efforts, he’s…

Read more →

Cams statistically more likely to ID Black people, says new research A UK police force has suspended its deployment of live facial recognition (LFR) technology after a study revealed it was statistically more likely to identify Black people on a…

Read more →

Millions of hijacked devices powered traffic floods targeting defense systems and beyond The US government has moved to disrupt a cluster of IoT botnets behind some of the largest DDoS attacks ever recorded, including traffic bursts topping 30 terabits per…

Read more →

Lack of clear criteria risks encouraging firms to lean on state support instead of worrying about insurance The UK’s cyber watchdog has warned that the government’s £1.5 billion bailout of Jaguar Land Rover (JLR) risks setting a troubling precedent for…

Read more →

Audit trails aplenty, but no price tag – and no clue how long your data sticks around Opinion  Last week’s UK government consultation on its plans for digital identity had quite a few things missing. It did not include a…

Read more →

He would have gotten away with it too, if it weren’t for a meddling security team’s fear of USB On Call  Each Friday The Register offers a fresh installment of On Call, the reader-contributed column that celebrates the fine art…

Read more →

Last time: Beijing-backed snoops and ransomware crims. Who’s next? Unknown baddies are abusing yet another critical Microsoft SharePoint bug to compromise victims’ SharePoint servers, the US government warned.… This article has been indexed from The Register – Security Read the…

Read more →

Chocolate Factory describes concession as an attempt to balance openess with safety It turns out you won’t be limited to Google-verified apps an developers on Android after all. In the face of sustained community dissatisfaction with its developer verification requirement,…

Read more →

Iran-linked attackers wiped employees’ devices using Intune The US government has urged companies to better secure Microsoft Intune, an endpoint management tool that was abused in last week’s cyberattack against med-tech firm Stryker.… This article has been indexed from The…

Read more →

Where are you? What are you working on? Why are you doing that? Identity access and management platform Okta announced the general availability of its Okta for AI Agents, which will give customers the ability to do three things: locate…

Read more →

Darksword is the second iOS exploit chain in a month A new exploit kit targeting iPhone users and stealing their sensitive data is being abused by “multiple” spyware vendors and suspected nation-state goons, security researchers said on Wednesday.… This article…

Read more →

Interlock’s post-exploit toolkit exposed Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, according to Amazon security boss CJ Moses.… This article…

Read more →

Researchers map full org chart of the scam from dodgy recruiters to helpful Western collaborators Researchers at IBM X‑Force and Flare Research have uncovered data that sheds light on how North Korea’s fake IT worker schemes operate and infiltrate companies…

Read more →