It’s not such a happy Monday for defenders wiping the sleep from their eyes only to deal with the latest supply chain attack. StepSecurity disclosed

UK government is set to crack open the pork barrel for up to £16 billion in contracts for a range of IT services. The buying

Here’s what’s been hot on the AI scene over the past 12 months, how it’s changing the face of warfare, and how you can fight

A vulnerability analyst and prominent member of the infosec industry has blasted Microsoft for refusing to look at a bug report unless he submitted a

Infosec In Brief United States Federal Communications Commission chair Brendan Carr has unveiled plans to form a Council on National Security that will combat foreign

US politicians and privacy campaigners are calling for the private hearing between Apple and the UK government regarding its alleged encryption-busting order to be aired

Researchers are tracking a newly discovered ransomware group with suspected links to LockBit after a series of intrusions were reported starting in January. Forescout said

Critical Infrastructure While relatively rare, real-world incidents impacting operational technology highlight that organizations in critical infrastructure can’t afford to dismiss the OT threat Phil Muncaster

Google has told The Register it’s beginning to roll out a fix for Chromecast devices that were crippled by an expired security certificate authority. We’re

House Democrats have sent letters to 24 federal agencies asking for assurances that Elon Musk’s DOGE team is not feeding sensitive government data into “unapproved

Google has told The Register it’s beginning to roll out a fix for Chromecast devices that were bricked due to an expired security certificate authority.

Uncle Sam’s cybersecurity agency is trying to save face by seeking to clear up what it’s calling “inaccurate reporting” after a former senior pen-tester claimed

An ongoing phishing campaign disguised as a Booking.com email casts keystroke and credential-stealing malware into hospitality employees’ inboxes for financial fraud and theft, according to

The US cybersecurity agency is trying to save face by seeking to clear up what it’s calling “inaccurate reporting” after a former senior pentester claimed

DeepSeek’s flagship R1 model is capable of generating a working keylogger and basic ransomware code, just as long as a techie is on hand to

A crook who distributes the Medusa ransomware tried to make a victim cough up three payments instead of the usual two, according to a government

If you’re running an outdated version of Firefox, update by Friday or risk broken add-ons, failing DRM-protected media playback, and other errors, due to an

Updated A penetration tester who worked at the US govt’s CISA claims his 100-strong team was effectively dismissed after Elon Musk’s Trump-blessed DOGE unit cancelled