In the latest chapter on leaky CUPS, a security researcher and his band of bug-hunting agents have found two flaws that can be chained to

Fortinet released an emergency patch over the weekend for a critical FortiClient Enterprise Management Server (EMS) bug believed to be under attack since at least

Kettle When it comes to circling up for this week’s Kettle, what is there to discuss but Anthropic’s accidental release of Claude Code’s source code?

interview Cybercrime crews have become almost mystical entities, with security vendors assigning them names like Wizard Spider and Velvet Tempest. They hide out in hidden

The US Cybersecurity and Infrastructure Security Agency’s budget will see yet another deep cut if Congress approves President Trump’s proposal to slash CISA’s spending by

Webinar Promo The shift to hybrid work has reshaped the enterprise perimeter. Users are logging in from home networks, shared spaces and unmanaged devices, while

Tens of thousands of people eagerly downloaded the leaked Claude Code source code this week, and some of those downloads came with a side of

Pwned Welcome to Pwned, The Register’s new column, where we highlight the worst infosec own goals so you can, hopefully, protect against them. Caffeine is

AI hiring startup Mercor confirmed it was “one of thousands of companies” affected by the LiteLLM supply-chain attack as the fallout from the Trivy compromise

interview Amazon has seen a 40 percent efficiency gain by using AI tools to pentest its products before and after launch, according to security chief

The UK government will spend about £630,000 running a discussion panel on its digital identity card plans, which minister James Frith said will “consider different

Digital Security Fraudsters often target the accounts of the deceased or their grieving relatives. Here’s how to keep the scammers at bay. Phil Muncaster 01

Nearly 80 percent of British manufacturers say they’ve been hit by a cyber incident in the past year, as new research suggests disruption on the

Be careful what you click on. Miscreants are abusing WhatsApp messages in a multi-stage attack that delivers malicious Microsoft Installer (MSI) packages, allowing criminals to

Suspected Iran-linked threat actors are conducting password-spraying attacks against hundreds of organizations, primarily Middle Eastern municipalities, in campaigns that security researchers believe may have been

One of npm’s most widely used HTTP client libraries briefly became a malware delivery vehicle after attackers hijacked a maintainer’s account and slipped a remote-access

The past four weeks have seen a slew of new cybersecurity wake-up calls that showed why every organization needs a well-thought-out cyber-resilience plan 31 Mar

OpenAI talks up data security for its AI services, yet Check Point says that ChatGPT allowed data to leak through a DNS side channel before