Category: The Register – Security

PLUS: Exercise app tells spies to stop mapping; GitLab scan reveals 17,000 secrets; Leak exposes Iran’s Charming Kitten; and more! Infosec In Brief  Switzerland’s Conference of Data Protection Officers, Privatim, last week issued a resolution calling on Swiss public bodies…

Read more →

Automation flaw in CI/CD workflow let a bad pull request unleash worm into npm PostHog says the Shai-Hulud 2.0 npm worm compromise was “the largest and most impactful security incident” it’s ever experienced after attackers slipped malicious releases into its…

Read more →

Project cites fears of state access as cloud sovereignty row deepens French cloud outfit OVHcloud took another hit this week after GrapheneOS, a mobile operating system, said it was ditching the company’s servers over concerns about France’s approach to digital…

Read more →

Crims claim to know which customers are marked ‘vulnerable’ British telco Brsk is investigating claims that it was attacked by cybercriminals who made off with more than 230,000 files.… This article has been indexed from The Register – Security Read…

Read more →

Training outfit scrambles to fix all-male lineup before December kickoff Cybersecurity training provider TryHackMe is scrambling to recruit women infosec pros to help with its Christmas challenge following backlash concerning a lack of gender diversity.… This article has been indexed…

Read more →

Ex-NCSC chief Ciaran Martin asked to examine how forecast ended up online ahead of schedule The Office for Budget Responsibility (OBR) has drafted in former National Cyber Security Centre (NCSC) chief Ciaran Martin to sniff out how its Budget day…

Read more →

OBR says the scheme will cost £600M a year with no identified savings The UK government has finally put a £1.8 billion price tag on its digital ID plans – days after the minister responsible refused to name a figure.……

Read more →

Talk about buyer’s remorse South Korean web giant Naver has had an interesting week, after it acquired a cryptocurrency exchange that the next day revealed it had suffered a serious cyberattack.… This article has been indexed from The Register –…

Read more →

ReliaQuest finds fresh crop of phishing domains and toxic tickets Scattered Lapsus$ Hunters may be circling Zendesk users for its latest extortion campaign, with new phishing domains and weaponized helpdesk tickets uncovered by ReliaQuest.… This article has been indexed from…

Read more →

ChatGPT maker places other vendors under review following breach OpenAI says API users may be affected by a recent breach at its former data analytics provider, Mixpanel.… This article has been indexed from The Register – Security Read the original…

Read more →

Agency flags hijacks of insecure studio-to-transmitter gear after attackers pipe in fake alerts and vulgar audio Malicious intruders have hijacked US radio gear to turn emergency broadcast tones into a profanity-laced alarm system.… This article has been indexed from The…

Read more →

Brewer finally tallies fallout from September attack as it pushes earnings into 2026 Asahi has finally done the sums on September’s ransomware attack in Japan, conceding the crooks may have helped themselves to personal data tied to almost 2 million…

Read more →

Audit sympathetic toward Comhairle nan Eilean Siar as staff stretched to capacity trying to recover Auditors remain concerned about the cyber resilience of a Scottish council as some systems are yet to be fully rebuilt following a ransomware attack in…

Read more →

Maybe if your hand has 200+ fingers… Gainsight CEO Chuck Ganapathi downplayed the victim count related to his company’s recent breach, saying he’s only aware of “a handful of customers” who had their data affected after Salesforce flagged unusual activity…

Read more →

Even worse, it might have been a ‘test run’ for future attacks A Mirai-based botnet named ShadowV2 emerged during last October’s widespread AWS outage, infecting IoT devices across industries and continents, likely serving as a “test run” for future attacks,…

Read more →

GSMA says fragmented, poorly designed laws add burdens without making networks any safer Mobile operators’ core cybersecurity spending is projected to more than double by 2030 as threats evolve, while poorly designed and fragmented policy frameworks add extra compliance costs,…

Read more →

Regions across US affected, and one tore up its contract for the product Towns and cities across the US are without access to their CodeRED emergency alert system following a cyberattack on vendor Crisis24.… This article has been indexed from…

Read more →

Service limits 20-ship line to two hulls after redesigns and delays torpedo schedule The US Navy is scrapping an entire shipbuilding program in an effort to find alternatives that can be delivered faster to counter expected threats.… This article has…

Read more →

Three boroughs confirm investigation amid service outages, disrupted phone lines, and limited online access Two London councils are scrambling for answers after declaring a cybersecurity issue that began on Monday.… This article has been indexed from The Register – Security…

Read more →

Smart cybersecurity investments during Black Friday 2025. The best enterprise security deals with up to 60 percent off Partner Content  The annual Black Friday scramble isn’t just for consumers elbowing each other for discounted tellies. For IT directors and CISOs,…

Read more →