infosec in brief The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package versions to PyPI in

In-the-wild exploitation of a critical Citrix NetScaler bug has begun less than a week after disclosure, with researchers warning that attackers are already poking and

The European Commission has admitted that attackers broke into its public-facing web infrastructure and siphoned off data in a bare-bones disclosure that answers the what

Who, Me? The week before Easter may be a short one for many in the Reg-reading world, but that won’t stop us from opening it

The United States’ ban on foreign-made SOHO routers won’t improve security, and only makes sense as “industrial policy disguised as cybersecurity,” according to Milton Mueller,

Dutch football giant AFC Ajax has admitted to a data breach after an attacker gained access to its internal systems, in an incident that looks

The UK and US are looking for technology to counter the threat posed by underwater drones to ships, harbors and other critical maritime infrastructure, and

This year, AI agents took the center stage – as a defensive capability, but more pressingly as a risk many organizations haven’t caught up with

Computer security boffins have conducted an analysis of 10 million websites and found almost 2,000 API credentials strewn across 10,000 webpages. The researchers detail their

Business Security Silver Fox is back in Japan, spoofing tax and HR emails timed to the one season when no one thinks twice about opening

A member of the UK Parliament’s lower house who was the victim of a deepfake AI campaign this week had a rare chance to confront

The UK government will trial different levels of restrictions on social media for under-16s with the help of 300 families, alongside a public consultation that

Indian authorities have reportedly ordered an audit of the nation’s CCTV cameras, after police uncovered what they claim was a Pakistan-backed surveillance operation. This story

A new service that helps coding agents stay up to date on their API calls could be dialing in a massive supply chain vulnerability. Two

Smartphones have fast become the basis of our digital identities, securing payment systems and bank accounts. Now virtual devices that pretend to be real handsets

RSAC 2026 “Everybody feels massive FOMO if they don’t get to RSAC,” Jen Easterly says. To be fair, she has a vested interest in saying

rsac 2026 There’s a theoretical red line with cyber warfare. Cross it, and the US will respond with a physical attack like missile strikes. And

Twenty years ago, almost to the day, Amazon Web Services (AWS) launched Simple Storage Service (S3). A few months later, the company’s Elastic Compute Cloud (EC2) service opened for public