Category: The Register – Security

Google’s Gemini-powered tools tripped up by image-scaling prompt injection Security researchers with Trail of Bits have found that Google Gemini CLI and other production AI systems can be deceived by image scaling attacks, a well-known adversarial challenge for machine learning…

Read more →

Bill would let US President commission white hat hackers to go after foreign threats, seize assets on the online seas It’s been more than 200 years since the United States issued a letter of marque allowing privateers to attack the…

Read more →

Everything a criminal needs for targeted attacks exposed, but telco insists ‘no critical data compromised’ A significant data theft at Orange Belgium has opened hundreds of thousands of its customers to serious cybersecurity risks.… This article has been indexed from…

Read more →

Feds say Mirai-spawned botnet blasted 370K attacks before AWS and pals helped yank its servers RapperBot, a botnet-for-hire blamed for hundreds of thousands of DDoS attacks, has been yanked offline by the Feds, who also hauled in its alleged Oregon-based…

Read more →

Worried about your data? Not to worry, we’ll check the dark web for you! Yes really A week after its services were disrupted by a cyberattack, UK telco Colt Technology Services has gone back on its initial statement to confirm…

Read more →

Another ‘extremely sophisticated’ exploit chewing at Cupertino’s walled garden Apple has shipped emergency updates to fix an actively exploited zero-day in its ImageIO framework, warning that the flaw has already been abused in targeted attacks.… This article has been indexed…

Read more →

Researcher claims extension didn’t start out by exfiltrating info… while dev says its actions are ‘compliant’ Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently appears to have…

Read more →

One fetcher bot seen smacking a website with 39,000 requests per minute Cloud services giant Fastly has released a report claiming AI crawlers are putting a heavy load on the open web, slurping up sites at a rate that accounts…

Read more →

Took out all traffic to port 443 at a time Beijing didn’t have an obvious need to keep its netizens in the dark China cut itself off from much of the global internet for just over an hour on Wednesday.……

Read more →

Redmond doesn’t bother informing customers about some security fixes Microsoft has chosen not to tell customers about a recently patched vulnerability in M365 Copilot.… This article has been indexed from The Register – Security Read the original article: Microsoft stays…

Read more →

Move along, nothing to see here Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to leak secrets, including API keys from a developer’s machine,…

Read more →

Snarfing up config files for ‘thousands’ of devices…just for giggles, we’re sure The FBI and security researchers today warned that Russian government spies exploited a seven-year-old bug in end-of-life Cisco networking devices to snoop around in American critical infrastructure networks…

Read more →

Researchers disclosing their findings said ‘it’s as bad as it sounds’ Researchers at watchTowr just published working proof-of-concept exploits for two unauthenticated remote code execution bug chains in backup giant Commvault.… This article has been indexed from The Register –…

Read more →

iiNet breach blamed on single stolen login, with emails, phone numbers, and addresses exposed Aussie telco giant TPG Telecom has opened an investigation after confirming a cyberattack at subsidiary iiNet.… This article has been indexed from The Register – Security…

Read more →

Burger slinger gets a McRibbing, reacts by firing staffer who helped A white-hat hacker has discovered a series of critical flaws in McDonald’s staff and partner portals that allowed anyone to order free food online, get admin rights to the…

Read more →

Reconfigure local app settings via a ‘simple’ POST request A now-patched flaw in popular AI model runner Ollama allows drive-by attacks in which a miscreant uses a malicious website to remotely target people’s personal computers, spy on their local chats,…

Read more →

Intruders hoped no one would notice their presence Criminals exploiting a critical vulnerability in open source Apache ActiveMQ middleware are fixing the flaw that allowed them access, after establishing persistence on Linux servers.… This article has been indexed from The…

Read more →

Toronto company says weekend cyber raid hit internal IT, not punters’ wallets Canadian casino software slinger Bragg Gaming Group has disclosed a “cybersecurity incident,” though it’s adamant the intruders never got their hands on customer data.… This article has been…

Read more →

Tulsi Gabbard boasts Washington forced Blighty to drop iPhone encryption fight The UK government has reportedly abandoned its attempt to strong-arm Apple into weakening iPhone encryption after the White House forced Blighty into a quiet climb-down.… This article has been…

Read more →

Developer demand for sovereign cloud from tech giant is on the rise, says exec Interview  Google’s President of Customer Experience, Hayete Gallot, offered some words of comfort to developers who are looking nervously at the rise of AI assistants while…

Read more →