The Register-Security
- Get link
- X
- Other Apps
"Microsoft wants to replace its entire C an C++ code base by 2030."
Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 25 December 2025, 0350 UTC.
Content and Source provided by email subscription from https://feedly.com.
https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.theregister.co.uk%2Fsecurity%2Fheadlines.atom
Please check subscription link or scroll down to read your selections. Thanks for joining us today.
Russ Roberts (https://www.hawaiicybersecurityjournal.net).
123
Most popular
Plans move to Rust, with help from AI Microsoft wants to translate its codebase to Rust, and is hiring people to make it happen.…
by Connor Jones / 12h
Crooks used platform to scoop up and store banking credentials for big-money thefts The US says it has shut down a platform used by cybercriminals to break into Americans' bank accounts.…
AI goes off the rails … because of shoddy guardrails Researchers at Pen Test Partners found four flaws in Eurostar's public AI chatbot that, among other security issues, could allow an attacker to inject malicious HTML content or trick the bot into leaking system prompts. Their thank you from the company: being accused of "blackmail."…
Yesterday
Customers will be able to see vulnerabilities, prioritize risks, and close them with automated workflows. After over a week of speculation, ServiceNow announced on Tuesday that it has agreed to buy cybersecurity heavyweight Armis in a $7.75 billion deal that will see the workflow giant incorporate a real-time security intelligence feed into its products.…
Automaker's third security snafu in three years Thousands of Nissan customers are learning that some of their personal data was leaked after unauthorized access to a Red Hat-managed server, according to the Japanese automaker.…
by Richard Speed / 1d
Redmond gets in early for the twelve whoopsies of Christmas Microsoft has hustled out an out-of-band update to address a Message Queuing issue introduced by the December 2025 update.…
Dec 22, 2025
And it's especially dangerous because the code works A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals messages, harvests credentials and contacts, and hijacks users' WhatsApp accounts.…
SEC filings show the outfit cut projected 2027 cloud purchase commitments by $114M Security vendor Palo Alto Networks is expanding its Google Cloud partnership, saying it will move "key internal workloads" onto the Chocolate Factory's infrastructure. The outfit also claims it is tightening integrations between its security tools and Google Cloud to deliver what it calls a "unified" security exper
by Jessica Lyons / 2d
Ah, the good old days when 0-day development took a year Interview "In my past life, it would take us 360 days to develop an amazing zero day," Zafran Security CEO Sanaz Yashar said.…
Anna’s Archive’s idealism doesn’t quite survive its own blog post What would happen to the world's music collections if streaming services disappeared? One hacktivist group says it has a solution: scrape around 300 terabytes of music and metadata from Spotify and offer it up for free as what it calls the world’s first “fully open” music preservation archive.…
Judge says former most-wanted fugitive Mark Acklom will likely never return to the UK The UK's Crown Prosecution Service (CPS) says a fraudster who claimed to be part of MI6 must repay £125,000 ($168,000) to a former love interest that he conned.…
2 TTPs
by Connor Jones / 2d
On-site staff keep key systems working while all but one region battles with encrypted PCs Romania's cybersecurity agency confirms a major ransomware attack on the country's water management administration has compromised around 1,000 systems, with work to remediate them still ongoing.…
Dec 21, 2025
SK Telecom's epic infosec fail will cost it another $1.5 billion South Korea's government on Friday announced it will require local mobile carriers to verify the identity of new customers with facial recognition scans, in the hope of reducing scams.…
PLUS: Debian supports Chinese chips ; Hong Kong’s Christmas Karaoke crackdown; Asahi admits it should have prevented hack; And more! APAC in Brief Google and Apple last week started to allow developers of mobile applications to distribute their wares through third-party app stores and accept payments from alternative payment providers.…
PLUS: Texas sues alleged TV spies; The Cloud is full of holes; Hospital leaked its own data; And more Infosec In Brief Google will soon end its “Dark Web Report”, an email service that alerts users when their personal information appears on the internet’s dark underbelly.…
Dec 20, 2025
Time signals shifted by a tiny amount that only very sensitive users would find upsetting UPDATED A staffer at the USA’s National Institute of Standards and Technology (NIST) tried to disable some of its Network Time Protocol infrastructure, after a power outage around Boulder, Colorado, led to errors.…
Dec 19, 2025
Latest charges join the mountain of indictments facing alleged Tren de Aragua members A Venezuelan gang described by US officials as "a ruthless terrorist organization" faces charges over alleged deployment of malware on ATMs across the country, illegally siphoning millions of dollars.…
6 TTPs
by Carly Page / 5d
Newly disclosed vulnerability already being abused, users urged to lock down exposed firewalls WatchGuard is in emergency patch mode after confirming that a critical remote code execution flaw in its Firebox firewalls is under active attack.…
Attackers helped themselves to historical personal info on 27K people The University of Sydney is ringing around thousands of current and former staff and students after admitting attackers helped themselves to historical personal data stashed inside one of its online code repositories.…
Maximum-severity vuln lets unauthenticated attackers execute code on trusted infra management platform Hewlett Packard Enterprise has told customers to drop whatever they're doing and patch OneView after admitting a maximum-severity bug could let attackers run code on the management platform without so much as a login prompt.…
by Connor Jones / 5d
Officials admit 'there certainly has been a hack,' but refuse to confirm China link or data theft The UK's Foreign Office is investigating a confirmed cyberattack it learned about in October, senior ministers say.…
by SA Mathieson / 5d
Ofcom survey finds 18-34s increasingly see life online as bad for society and their mental health Young Brits are souring on the internet, with increasing numbers seeing it as damaging to society and their mental health, according to latest research published by Ofcom.…
Dec 18, 2025
by David Gordon / 5d
Practical lessons on securing AI and using AI to strengthen defence Sponsored Post AI is moving from experimentation to everyday use inside the enterprise. That shift brings new opportunities, but it also changes the security equation. Attacks are becoming faster and more convincing, while organizations are simultaneously trying to protect new assets like models, prompts, agent workflows, and the
by Simon Sharwood / 6d
Beijing wants to 'seize the initiative in the international competition in cyberspace' Chinese authorities on Thursday certified the China Environment for Network Innovation (CENI), a vast research network that Beijing hopes will propel the country to the forefront of networking research.…
Plus: Lazarus Group has a brand new BeaverTail Even Amazon isn't immune to North Korean scammers who try to score remote jobs at tech companies so they can funnel their wages to Kim Jong Un's coffers.…
by Thomas Claburn / 6d
Study finds built-in browsers across gadgets often ship years out of date Web browsers for desktop and mobile devices tend to receive regular security updates, but that often isn't the case for those that reside within game consoles, televisions, e-readers, cars, and other devices. These outdated, embedded browsers can leave you open to phishing and other security vulnerabilities.…
'Within 10 minutes of gaining initial access, crypto miners were operational' Your AWS account could be quietly running someone else's cryptominer. Cryptocurrency thieves are using stolen Amazon account credentials to mine for coins at the expense of AWS customers, abusing their Elastic Container Service (ECS) and their Elastic Compute Cloud (EC2) resources, in an ongoing operation that started o
ByBit attack doing some seriously heavy lifting North Korea's yearly cryptocurrency thefts have accelerated, with Kim's state-backed cybercriminals plundering just over $2 billion worth of tokens in 2025.…
4 TTPs
by Carly Page / 6d
Flaw in remote-access appliance lets attackers chain bugs for root-level takeover SonicWall has warned customers of a zero-day flaw in its SMA 1000 remote-access appliance that's being actively exploited, potentially allowing attackers to escalate privileges and take over boxes.…
Justice Department claims unlicensed exchange funneled ransomware profits US feds have dismantled a crypto laundering service that they say helped cybercrooks wash tens of millions of dollars in dirty digital cash, seizing its servers and unsealing charges against an alleged Russian operator.…
by Connor Jones / 6d
Around 2,000 GP practices use its products Updated An NHS tech supplier is investigating a cyberattack that affected its systems in the early hours of Sunday.…
7 TTPs
by Carly Page / 6d
Security boffins warn flaw is now being used for ransomware attacks against live networks Microsoft says attackers have already compromised "several hundred machines across a diverse set of
- Get link
- X
- Other Apps
Comments
Post a Comment
Please leave a comment about our recent post.