The Register-Security.
- Get link
- X
- Other Apps
"Firefox taps Anthropic AI bug hunter, but rancid RAM still flipping bits."
Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 07 March 2026, 1415 UTC.
Content and Source: "The Register-Security" via email subscription from https://feedly.com.
https://feedly.com/i/subscription/content/feed%2Fhttp%3A%2F%2Fwww.theregister.co.uk%2Fsecurity%2Fheadlines.atom
Please check subscription link or scroll down to read your selections. Thanks for joining us today.
Russ Roberts (https://www.hawaiicybersecurityjournal.net).
102
Yesterday
3 TTPs
by Thomas Claburn / 17h
Now if only device makers would deliver higher quality components Thanks to Anthropic's AI and its bug-detecting abilities, Firefox users can now enjoy stronger security. Unfortunately, if browser crashes rather than security flaws are the problem, Claude probably can't help.…
Steals SMS messages, location data, contacts … and delivers it to Hamas-linked crew Hamas-linked attackers are dropping spyware disguised as an emergency-alert app on Israelis' smartphones via SMS messages, according to security researchers.…
3 TTPs
by Carly Page / 23h
Switchzilla says flaws could allow file overwrites or privilege escalation Just when network admins thought the Cisco SD-WAN patch queue might finally be shrinking, Switchzilla has confirmed miscreants are exploiting more vulnerabilities in its SD-WAN management software.…
Crooks tweak familiar copy-paste ruse so that victims run malicious commands themselves A new twist on the long-running ClickFix scam is now tricking Windows users into launching Windows Terminal and pasting malware into it themselves – handing the credential-stealing Lumma infostealer the keys to their browser vault.…
FBI and French GIGN swoop on Saint Martin, John Daghita in cuffs The son of a government contractor was arrested in the Caribbean after allegedly stealing more than $46 million in seized cryptocurrency from the US Marshals Service, the FBI says.…
Microsoft finally gets around to fixing Windows 10 Recovery Environment after breaking it in October
Released from the curse of the update bork fairy Microsoft has finally fixed a Windows Recovery Environment (WinRE) bug it introduced in Windows 10's final update.…
Attackers accessed systems holding data tied to millions of Oyster and contactless users Transport for London has confirmed that a 2024 breach exposed the data of more than 7 million people – a far larger crowd than the few thousand customers originally warned that their details might be at risk.…
Mar 5, 2026
Of the 90 zero-days GTIG tracked in 2025, 43 hit enterprise tech Zero-day exploitation targeting enterprise tech products reached an all-time high last year, with China-linked cyber-espionage groups remaining the most prolific state-backed users, according to Google.…
MOIS-linked MuddyWater crew has a new, custom implant An Iranian cyber crew believed to be part of the Iranian Ministry of Intelligence and Security (MOIS) has been embedded in multiple US companies' networks - including a bank, software firm, and airport, among others - since the beginning of February, with more activity in the days following the US and Israeli military strikes, according to sec
by Carly Page / 2d
Contractors tasked with improving AI reportedly had access to intimate footage captured through wearables Britain's privacy watchdog is asking questions about Meta's AI-powered smart glasses after reports that human contractors reviewing recordings from the devices were exposed to extremely private moments captured by unsuspecting users.…
Mar 4, 2026
4 TTPs
by Jessica Lyons / 2d
Attack infrastructure attributed to 'several Iran-nexus threat actors' Multiple Iranian hacking crews have been targeting internet-connected surveillance cameras across Israel and other Middle Eastern countries since the war started on February 28, according to Check Point security researchers. …
10 TTPs
by Jessica Lyons / 2d
Think before you download OpenClaw, the AI agent that can manage just about anything, is risky all by itself, but now fake installers for it are wreaking havoc. Users who searched Bing’s AI results for “OpenClaw Windows” were directed to a malicious GitHub repository that delivered information stealers and GhostSocks onto their machines.…
Exfiltration (Enterprise TA0010)
by Connor Jones / 2d
Crooks claim 2 GB haul from AWS instance via React2Shell exploit Data analytics giant LexisNexis has confirmed its Legal & Professional division suffered a data breach days after the Fulcrumsec cybercrime crew claimed responsibility for the hack.…
by Connor Jones / 2d
Follows suggestions iPhone-pwning toolset bears hallmarks of zero-days that targeted Russian diplomats Russian cybersecurity outfit Kaspersky is waving away claims that an iPhone exploit kit recently uncovered by Google was developed by the same people who were behind a group of zero-days that allegedly compromised thousands of Russian diplomats in a 2023 campaign.…
Mar 3, 2026
Probably not an isolated incident only as researchers have already found 2,863 live API keys exposed A developer says their company is on the hook for more than $82,000 in unauthorized charges after a stolen Google Gemini API key racked massive usage costs up in just 48 hours.…
by Thomas Claburn / 3d
AI conversations for sale include sensitive health and legal details Your latest chat transcript could be bought and sold. Data brokers are selling access to sensitive personal data captured during chatbot conversations, despite claims that the data is anonymized and obtained with consent.…
No more hiding in the server closet: Cyber ops mentioned alongside kinetic warfare as critical to conflict In what may be the most public acknowledgment of its cyber operations capabilities to date, the Pentagon has admitted that cyber soldiers are playing a key role in its attacks on Iran. …
by Carly Page / 3d
Law enforcement data shows profit-driven cybercrime is dominated by 35- to 44-year-olds, not script kiddies Contrary to what some believe, cybercrime is not a kids' game. Middle-aged adults, not teenagers, now make up the biggest chunk of people getting busted.…
AI browsing agent left local files open for the taking If you wanted to steal local files from someone using Perplexity's Comet browser, until last month you could just schedule the theft by sending your victim a calendar event.…
High-severity flaw let malicious add-ons access system via browser's embedded AI feature Security boffins have discovered a high-severity bug in Google Chrome that allowed malicious extensions to hijack its Gemini Live AI panel and inherit privileges they were never meant to have.…
Third-party software supplier breached leading to leak of notes Around 15.8 million administrative files were stolen after attackers breached a software supplier to France's health ministry.…
Mar 2, 2026
2 TTPs
by Simon Sharwood / 4d
Slow disclosure and odd reassurance that exposing names and contact details won't be a problem isn't going down well Gamers are ready to unleash their mightiest virtual weapons and point them at independent games studio Cloud Imperium, after it sat on news of a data breach for weeks and then announced it without fanfare.…
19 TTPs
by Jessica Lyons / 4d
Crims hope for payday from malicious payloads rather than stealing access tokens Microsoft has warned organizations about ongoing OAuth abuse scams that use phishing emails and URL redirects to infect victims' machines with malware and take over their devices.…
'Expect elevated activity for the foreseeable future' Iranian hackers have launched spying expeditions, digital probes, and distributed denial of service (DDoS) attacks in the wake of the US and Israel launching missile strikes over the weekend, and security researchers urge organizations to expect more cyber intrusions as the war continues.…
NCSC urges all to review posture as escalating tensions increase risk of indirect digital spillover The UK's cybersecurity agency is warning British organizations to brace for potential digital blowback as the Middle East conflict spills further into the online world.…
by Thomas Claburn / 5d
We can remember it for you wholesale, and sell it back to you for big bucks Web scraping bots are increasing the pressure on the tech supply chain by scouring sites for DRAM, so their minders can snap up increasingly scarce inventory and resell it for a quick profit.…
Vulnerable citizens targeted by criminals purporting to represent fake police crisis department Scammers targeted Dubai citizens mere hours after missiles struck the city, attempting to gain access to their
- Get link
- X
- Other Apps
Comments
Post a Comment
Please leave a comment about our recent post.