Max-severity OneView hole joins a PowerPoint bug that should’ve been retired years ago CISA has added a pair of security holes to its actively exploited list, warning that attackers are now abusing a maximum-severity bug in HPE’s OneView management software…
Tag: The Register – Security
UK regulators swarm X after Grok generated nudes from photos
Lawyers say Musk’s platform may face punishment under Online Safety Act priority offenses Elon Musk’s X platform is under fire as UK regulators close in on mounting reports that the platform’s AI chatbot, Grok, is generating sexual imagery without users’…
Maximum-severity n8n flaw lets randos run your automation server
Unauthenticated RCE means anyone on the network can seize full control A maximum-severity bug in the popular automation platform n8n has left an estimated 100,000 servers wide open to complete takeover, courtesy of a flaw so bad it doesn’t even…
Are criminals vibe coding malware? All signs point to yes
They also hallucinate when writing ransomware code Interview With everyone from would-be developers to six-year-old kids jumping on the vibe coding bandwagon, it shouldn’t be surprising that criminals like automated coding tools too.…
OpenAI putting bandaids on bandaids as prompt injection problems keep festering
Happy Groundhog Day! Security researchers at Radware say they’ve identified several vulnerabilities in OpenAI’s ChatGPT service that allow the exfiltration of personal information.…
Logitech macOS mouse mayhem traced to expired dev certificate
Company says it dropped the ball, apologizes for wasting people’s time Logitech says an expired developer certificate is to blame after swaths of customers were left infuriated when their mice malfunctioned.…
Cloudflare pours cold water on ‘BGP weirdness preceded US attack on Venezuela’ theory
Suggests rotten routing, not evidence of a cyber-strike before kinetic action Cloudflare has poured cold water on a theory that the USA’s incursion into Venezuela coincided with a cyberattack on telecoms infrastructure.…
IBM’s AI agent Bob easily duped to run malware, researchers show
Prompt injection lets risky commands slip past guardrails IBM describes its coding agent thus: “Bob is your AI software development partner that understands your intent, repo, and security standards.” Unfortunately, Bob doesn’t always follow those security standards.…
ESA calls cops as crims lift off 500 GB of files, say security black hole still open
Two weeks, two major data leaks … not a good look for the European Space Agency exclusive The European Space Agency on Wednesday confirmed yet another massive security breach, and told The Register that the data thieves responsible will be…
Stalkerware slinger pleads guilty for selling snooper software to suspicious spouses
pcTattletale boss Bryan Fleming faces up to 15 years in prison when sentenced later this year The US government has secured a guilty plea from a stalkerware maker in federal court, marking just the second time in more than a…
Microsoft scraps Exchange Online spam clamp after customers cry foul
Negative feedback sinks Redmond’s plan to cap outbound email recipients Microsoft has backed away from planned changes to Exchange Online after customers objected to limits designed to curb outbound email abuse.…
Ministry of Justice splurged £50M on security – still missed Legal Aid Agency cyberattack
High-risk system compromised long before intrusion was finally spotted The UK’s Ministry of Justice spent £50 million ($67 million) on cybersecurity improvements at the Legal Aid Agency (LAA) before the high-profile cyberattack it disclosed last year.…
Jaguar Land Rover wholesale volumes plummet 43% in cyberattack aftermath
Production halts and supply-chain disruption left luxury automaker reeling in fiscal Q3 Brit luxury automaker Jaguar Land Rover has reported devastating preliminary Q3 results that lay bare the cascading consequences of a crippling cyberattack, revealing wholesale volumes collapsed more than…
HSBC app takes a dim view of sideloaded Bitwarden installations
Customers report being locked out after grabbing the password manager via F-Droid Some HSBC mobile banking customers in the UK report being locked out of the bank’s app after installing the Bitwarden password manager via an open source app catalog.……
HackerOne ‘ghosted’ me for months over $8,500 bug bounty, says researcher
Long after CVEs issued and open source flaws fixed Last fall, Jakub Ciolek reported two denial-of-service bugs in Argo CD, a popular Kubernetes controller, via HackerOne’s Internet Bug Bounty (IBB) program. Both were assigned CVEs and have since been fixed.…
Brightspeed investigates breach as crims post stolen data for sale
Crimson Collective claims ‘sophisticated attack’ that allows them to ‘disconnect every user from their mobile service’ Internet service provider Brightspeed confirmed that it’s investigating criminals’ claims that they stole more than a million customers’ records and have listed them for…
Fake Windows BSODs check in at Europe’s hotels to con staff into running malware
Phishers posing as Booking.com use panic-inducing blue screens to bypass security controls Russia-linked hackers are sneaking malware into European hotels and other hospitality outfits by tricking staff into installing it themselves through fake Windows Blue Screen of Death (BSOD) crashes.……
Crypto wallet shop Ledger confirms customer data lifted in Global-e snafu
Order and contact details accessed via ecommerce partner, and phishing has begun Blockchain security biz Ledger says customer information was accessed in a breach at its ecommerce payment partner Global-e, and is warning that other brands using the platform may…
UK splashes £210M on cyber plan to stop Whitehall getting pwnd
Central government will supposedly be as secure as energy facilities and datacenters under new proposals The UK today launches its Government Cyber Action Plan, committing £210 million ($282 million) to strengthen defenses across digital public services and hold itself to…
Students bag extended Christmas break after cyber hit on school IT
Phones, email, and core systems knocked out at Higham Lane in Nuneaton Students at a school in Warwickshire, England, have scored an extended Christmas break after a cyberattack crippled its IT systems, forcing classrooms to close and staff to summon…