David and Goliath…but with AI agents Researchers at red-team security startup CodeWall say their AI agent hacked McKinsey’s internal AI platform and gained full read and write access to the chatbot in just two hours.… This article has been indexed…
Category: The Register – Security
ShinyHunters claims more high-profile victims in latest Salesforce customers data heist
And they abused a Mandiant-developed open source tool in the attacks ShinyHunters told The Register that it has stolen data from about 100 high-profile companies in its latest Salesforce customer data heist, including Salesforce itself.… This article has been indexed…
EV charger biz ELECQ zapped by ransomware crooks, customer contact data stolen
An attack on the company’s AWS platform may have exposed customers’ names and home addresses Exclusive ELECQ, maker of smart electric vehicle (EV) chargers, is warning customers that their personal details may have been stolen in a ransomware attack that…
Dutch cops warn 100 alleged scammers: Turn yourselves in or we tell Grandma
Two-week deadline to fraudsters to fess up or have their faces plastered across every screen in the country Dutch national police are taking a novel stand against scammers – 100 suspects now have less than two weeks to hand themselves…
Russian cybercrims phish their way into officials’ Signal and WhatsApp accounts
Dutch spies flag large-scale campaign to hijack secure messaging accounts Russian-linked hackers are trying to break into the Signal and WhatsApp accounts of government officials, journalists, and military personnel globally – not by cracking encryption, but by simply tricking people…
Microsoft Azure CTO set Claude on his 1986 Apple II code, says it found vulns
This isn’t just a nostalgia trip – billions of legacy microcontrollers may be at risk AI can reverse engineer machine code and find vulnerabilities in ancient legacy architectures, says Microsoft Azure CTO Mark Russinovich, who used his own Apple II…
Royal Navy races to arm ships against drone threat
Britain’s Ministry of Defence wants a counter-drone system designed, contracted, and delivered within weeks Britain’s Royal Navy is urgently seeking a ship-based counter-drone system and recent world events likely explain why.… This article has been indexed from The Register –…
Iran is the first out-loud cyberwar the US has fought
Cyber is no longer the hush-hush thing it used to be, as team Trump invades Iran with hackers taking the lead Kettle Unlike previous military conflicts, the cyber domain has been front and center since the Trump administration invaded Iran,…
FBI is investigating breach that may have hit its wiretapping tools
PLUS: Europol takes down two crime gangs; LastPass users phished (again); Crooks increase crypto hauls; And more Infosec In Brief The FBI is investigating a breach of its systems which reportedly affected systems related to wiretapping and surveillance.… This article…
AI agents now help attackers, including North Korea, manage their drudge work
Crims ‘will do what gets them their objective easiest and fastest,’ Microsoft threat intel boss tells The Reg interview AI agents allow cybercriminals and nation-state hackers to outsource the “janitorial-type work” needed to plan and carry out cyberattacks, according to…
Firefox taps Anthropic AI bug hunter, but rancid RAM still flipping bits
Now if only device makers would deliver higher quality components Thanks to Anthropic’s AI and its bug-detecting abilities, Firefox users can now enjoy stronger security. Unfortunately, if browser crashes rather than security flaws are the problem, Claude probably can’t help.……
Spyware disguised as emergency-alert app sent to Israeli smartphones
Steals SMS messages, location data, contacts … and delivers it to Hamas-linked crew Hamas-linked attackers are dropping spyware disguised as an emergency-alert app on Israelis’ smartphones via SMS messages, according to security researchers.… This article has been indexed from The…
Cisco warns of two more SD-WAN bugs under active attack
Switchzilla says flaws could allow file overwrites or privilege escalation Just when network admins thought the Cisco SD-WAN patch queue might finally be shrinking, Switchzilla has confirmed miscreants are exploiting more vulnerabilities in its SD-WAN management software.… This article has…
Microsoft spots ClickFix campaign getting users to self-pwn on Windows Terminal
Crooks tweak familiar copy-paste ruse so that victims run malicious commands themselves A new twist on the long-running ClickFix scam is now tricking Windows users into launching Windows Terminal and pasting malware into it themselves – handing the credential-stealing Lumma…
Son of government contractor arrested after alleged $46M crypto heist from US Marshals
FBI and French GIGN swoop on Saint Martin, John Daghita in cuffs The son of a government contractor was arrested in the Caribbean after allegedly stealing more than $46 million in seized cryptocurrency from the US Marshals Service, the FBI…
Microsoft finally gets around to fixing Windows 10 Recovery Environment after breaking it in October
Released from the curse of the update bork fairy Microsoft has finally fixed a Windows Recovery Environment (WinRE) bug it introduced in Windows 10’s final update.… This article has been indexed from The Register – Security Read the original article:…
Transport for London says 2024 breach affected 7M customers, not 5,000
Authority says attackers accessed systems holding data tied to millions of Oyster and contactless users Transport for London has confirmed that a 2024 breach exposed the data of more than 7 million people – a far larger crowd than the…
Google says spyware makers and China-linked groups dominated zero-day attacks last year
Of the 90 zero-days GTIG tracked in 2025, 43 hit enterprise tech Zero-day exploitation targeting enterprise tech products reached an all-time high last year, with China-linked cyber-espionage groups remaining the most prolific state-backed users, according to Google.… This article has…
Iran intelligence backdoored US bank, airport, software outfit networks
MOIS-linked MuddyWater crew has a new, custom implant An Iranian cyber crew believed to be part of the Iranian Ministry of Intelligence and Security (MOIS) has been embedded in multiple US companies’ networks – including a bank, software firm, and…
UK watchdog eyes Meta’s smart glasses after workers say they ‘see everything’
Contractors tasked with improving AI reportedly had access to intimate footage captured through wearables Britain’s privacy watchdog is asking questions about Meta’s AI-powered smart glasses after reports that human contractors reviewing recordings from the devices were exposed to extremely private…