Regulators logged over 400 personal data breach notifications a day for first time since law came into force
GDPR fines pushed past the £1 billion (€1.2 billion) mark in 2025 as Europe’s regulators were deluged with more than 400 data breach…
Tag: The Register – Security
Bank of England: Financial sector failing to implement basic cybersecurity controls
Mind the cyber gap – similar flaws highlighted multiple years in a row
Concerned about the orgs that safeguard your money? The UK’s annual cybersecurity review for 2025 suggests you should be. Despite years of regulation, financial organizations continue to…
Ancient telnet bug happily hands out root to attackers
Critical vuln flew under the radar for a decade
A recently disclosed critical vulnerability in the GNU InetUtils telnet daemon (telnetd) is “trivial” to exploit, experts say.…
Another week, another emergency patch as Cisco plugs Unified Comms zero-day
The critical-rated flaw leaves unpatched systems open to full takeover
Cisco has finally shipped a fix for a critical-rated zero-day in its Unified Communications gear, a flaw that’s already being weaponized in the wild, and which CISA previously flagged as…
Davos discussion mulls how to keep AI agents from running wild
Where the shiny new FOMO object collides with insider-threat reality
AI agents arrived in Davos this week with the question of how to secure them – and prevent agents from becoming the ultimate insider threat – taking center stage during…
Don’t click on the LastPass ‘create backup’ link – it’s a scam
Phishing campaign tries to reel in master passwords
Password managers make great targets for attackers because they can hold many of the keys to your kingdom. Now, LastPass has warned customers about phishing emails claiming that action is required ahead…
Everest ransomware gang said to be sitting on mountain of Under Armour data
Have I Been Pwned reckons 72.7M customer accounts affected, sportswear firm remains silent
Have I Been Pwned (HIBP) says 72.7 million accounts registered with Under Armour were affected by an alleged ransomware attack in November.…
EU considers whether there’s Huawei of axing Chinese kit from networks within 3 years
Still dominant in Germany’s networks, among others
The European Commission (EC) wants a revised Cybersecurity Act to address any threats posed by IT and telecoms kit from third-country sources, potentially forcing member states to confront the thorny issue of suppliers…
Ireland wants to give its cops spyware, ability to crack encrypted messages
Its very own Snooper’s Charter comes a month after proposed biometric tech expansion
The Irish government is planning to bolster its police’s ability to intercept communications, including encrypted messages, and provide a legal basis for spyware use.…
Best of British: UK’s infosec envoys include Cisco, Palo Alto, and Accenture
Minister unwraps ambassadors of the Software Security Code of Practice
Britain’s digital economy minister has sent forth a raft of companies as “ambassadors” to help organizations across the land embrace the UK’s Software Security Code of Practice.…
Curl shutters bug bounty program to remove incentive for submitting AI slop
Maintainer hopes hackers send bug reports anyway, will keep shaming ‘silly ones’
The maintainer of popular open-source data transfer tool cURL has ended the project’s bug bounty program after maintainers struggled to assess a flood of AI-generated contributions.…
Cloudflare whacks WAF bypass bug that opened side door for attackers
ACME validation had a challenge-request hole
Cloudflare has fixed a flaw in its web application firewall (WAF) that allowed attackers to bypass security rules and directly access origin servers, which could lead to data theft or full server takeover.…
Remember VoidLink, the cloud-targeting Linux malware? An AI agent wrote it
AI + skilled malware developers = security threat
VoidLink, the newly spotted Linux malware that targets victims’ clouds with 37 evil plugins, was generated “almost entirely by artificial intelligence” and likely developed by just one person, according to the research…
AI framework flaws put enterprise clouds at risk of takeover
Update Chainlit to the latest version ASAP
Two “easy-to-exploit” vulnerabilities in the popular open-source AI framework Chainlit put major enterprises’ cloud environments at risk of leaking data or even full takeover, according to cyber-threat exposure startup Zafran.…
Anthropic quietly fixed flaws in its Git MCP server that allowed for remote code execution
Prompt injection for the win
Anthropic has fixed three bugs in its official Git MCP server that researchers say can be chained with other MCP tools to remotely execute malicious code or overwrite files via prompt injection.…
For the price of Netflix, crooks can now rent AI to run cybercrime
Group-IB says crims forking out for Dark LLMs, deepfakes, and more at subscription prices
Cybercrime has entered its AI era, with criminals now using weaponized language models and deepfakes as cheap, off-the-shelf infrastructure rather than experimental tools, according to researchers…
Akamai CEO wants help to defeat piracy, reckons he can handle edge AI alone
OG CDN boss says fighting illegal streams is about stopping criminals cashing in, not free speech
Interview: After Cloudflare CEO Matthew Prince recently threatened to disrupt the Winter Olympics to protect free speech after Italian authorities fined his company for…
Broker who sold malware to the FBI set for sentencing
Feras Albashiti faces 10 years after $20,000 in sales to undercover agent exposed ransomware ties
A Jordanian national faces sentencing in the US after pleading guilty to acting as an initial access broker (IAB) for various cyberattacks.…
Don’t underestimate pro-Russia hacktivists, warns UK’s cyber crew
They’re not the most sophisticated, but even simple attacks can lead to costly consequences
The UK’s National Cyber Security Centre (NCSC) is once again warning that pro-Russia hacktivists are a threat to critical services operators.…
Windows 11 shutdown bug forces Microsoft into out-of-band damage control
Ships emergency update to fix a Patch Tuesday misfire that prevented systems from switching off
Microsoft has rushed out an out-of-band Windows 11 update after January’s Patch Tuesday broke something as fundamental as turning PCs off.…