Category: The Register – Security

Malicious PDFs abuse legit features to harvest system data and decide which victims get a 2nd-stage payload Hackers have been quietly exploiting what appears to be a zero-day in Adobe Acrobat Reader for months, using booby-trapped PDFs to profile targets…

Read more →

No emails, no warnings, no humans – just bots, catch-22s, and a 60-day appeals queue Microsoft says that it will work on how it communicates with developers after two leading open source figures were suddenly locked out of their accounts,…

Read more →

Wash your mouth out with digital soap Apple Intelligence, the personal AI system integrated into newer Macs, iPhones, and other iThings, can be hijacked using prompt injection, forcing the model into producing an attacker-controlled result and putting millions of users…

Read more →

Attackers slipped into the process and redirected funds, leaving the company scrambling to recover the cash UK-listed oil and gas outfit Zephyr Energy plc has admitted a cyber incident siphoned off roughly £700,000 after a single payment to a contractor…

Read more →

Even fitness equipment is vulnerable to mischief makers these days PWNED  Welcome back to Pwned, the column where we share war stories from IT soldiers who shot themselves – or watched someone else shoot themselves – in the foot. Today’s…

Read more →

The time is maybe Quantum computing exists in a sort of superposition with regard to cryptography – it’s both a pending threat and a technology of no immediate consequence for decryption.… This article has been indexed from The Register –…

Read more →

If they don’t know what they’re doing, you might never get your data back interview  It’s the biggest threat today, but it took her a while to appreciate it. After spending two decades at the FBI and much of that…

Read more →

ChipSoft’s website remains down but emails are functioning A Dutch healthcare software vendor has been knocked offline following a ransomware attack, officials say.… This article has been indexed from The Register – Security Read the original article: Dutch healthcare software…

Read more →

Two practice web addresses appear to have been compromised Multiple domains belonging to Scottish healthcare providers have been hijacked and are now pushing links to adult content and illegal sports streams, according to a researcher.… This article has been indexed…

Read more →

President Brad Smith tells an interviewer that Microsoft is reconsidering datacenter design in light of Iran war Microsoft is reevaluating how it designs and builds datacenters in conflict-prone regions after Iran began targeting Middle Eastern bit barns in retaliation for…

Read more →

Hasn’t released it to the public, because it would break the internet – in a bad way For years, the infosec community’s biggest existential worry has been quantum computers blowing away all classical encryption and revealing the world’s secrets. Now…

Read more →

Your PLCs aren’t internet-connected, right? Right?! Iranian-affiliated actors have escalated intrusions targeting critical US water and energy facilities, in some cases disrupting operations, the FBI and American cyber defense agencies said on Tuesday.… This article has been indexed from The…

Read more →

Who needs MFA when you’ve got EvilTokens? Hundreds of organizations have been compromised daily by a Microsoft device-code phishing campaign that uses AI and automation at nearly every stage of the attack chain to ultimately snoop through corporate email inboxes…

Read more →

Bots are now firmly in the toolbox, helping crooks scale old scams Crims are taking advantage of AI to sharpen old scams. The FBI reported Monday that cybercrime losses hit a record $20.87 billion in 2025, with help from bots.……

Read more →

200 orgs and 5,000 devices compromised so far in Vlad’s latest intelligence grab, Microsoft reckons The UK’s National Cyber Security Centre (NCSC) has issued a fresh warning about Russia’s ongoing targeting of routers to steal passwords and other secrets.… This…

Read more →

Customizations are causing pain so new cloud will stick to upstream cuts of the open source stack LY Corporation, the Japanese web giant that dominates messaging, e-commerce and payments in many Asian countries, has revealed it is replacing a heavily-customized…

Read more →

CUPS server shown spilling out remote code execution and root access In the latest chapter on leaky CUPS, a security researcher and his band of bug-hunting agents have found two flaws that can be chained to allow an unauthenticated attacker…

Read more →

CISA added the flaw to KEV after Fortinet confirmed exploitation in the wild Fortinet released an emergency patch over the weekend for a critical FortiClient Enterprise Management Server (EMS) bug believed to be under attack since at least March 31.……

Read more →

Pay no attention to that code behind the curtain, says Anthropic as it scrambles to defend its IPO Kettle  When it comes to circling up for this week’s Kettle, what is there to discuss but Anthropic’s accidental release of Claude…

Read more →

True-crime tales of criminals making fools of themselves interview  Cybercrime crews have become almost mystical entities, with security vendors assigning them names like Wizard Spider and Velvet Tempest.… This article has been indexed from The Register – Security Read the…

Read more →