The Register

Dutch spies flag large-scale campaign to hijack secure messaging accounts

Russian-linked hackers are trying to break into the Signal and WhatsApp accounts of government officials, journalists, and military personnel globally – not by cracking encryption, but by simply tricking people into handing over the keys.…

This isn't just a nostalgia trip – billions of legacy microcontrollers may be at risk

AI can reverse engineer machine code and find vulnerabilities in ancient legacy architectures, says Microsoft Azure CTO Mark Russinovich, who used his own Apple II code from 40 years ago as an example.…

Britain's Ministry of Defence wants a counter-drone system designed, contracted, and delivered within weeks

Britain's Royal Navy is urgently seeking a ship-based counter-drone system and recent world events likely explain why.…

Cyber is no longer the hush-hush thing it used to be, as team Trump invades Iran with hackers taking the lead

Kettle  Unlike previous military conflicts, the cyber domain has been front and center since the Trump administration invaded Iran, upending the traditionally quiet role played by hackers in military conflicts.…

PLUS: Europol takes down two crime gangs; LastPass users phished (again); Crooks increase crypto hauls; And more

Infosec In Brief  The FBI is investigating a breach of its systems which reportedly affected systems related to wiretapping and surveillance.…

Crims 'will do what gets them their objective easiest and fastest,' Microsoft threat intel boss tells The Reg

interview  AI agents allow cybercriminals and nation-state hackers to outsource the "janitorial-type work" needed to plan and carry out cyberattacks, according to Sherrod DeGrippo, Microsoft's GM of global threat intelligence. North Korea is taking advantage.…

Now if only device makers would deliver higher quality components

Thanks to Anthropic's AI and its bug-detecting abilities, Firefox users can now enjoy stronger security. Unfortunately, if browser crashes rather than security flaws are the problem, Claude probably can't help.…

Steals SMS messages, location data, contacts … and delivers it to Hamas-linked crew

Hamas-linked attackers are dropping spyware disguised as an emergency-alert app on Israelis' smartphones via SMS messages, according to security researchers.…

Switchzilla says flaws could allow file overwrites or privilege escalation

Just when network admins thought the Cisco SD-WAN patch queue might finally be shrinking, Switchzilla has confirmed miscreants are exploiting more vulnerabilities in its SD-WAN management software.…

Crooks tweak familiar copy-paste ruse so that victims run malicious commands themselves

A new twist on the long-running ClickFix scam is now tricking Windows users into launching Windows Terminal and pasting malware into it themselves – handing the credential-stealing Lumma infostealer the keys to their browser vault.…

FBI and French GIGN swoop on Saint Martin, John Daghita in cuffs

The son of a government contractor was arrested in the Caribbean after allegedly stealing more than $46 million in seized cryptocurrency from the US Marshals Service, the FBI says.…

Released from the curse of the update bork fairy

Microsoft has finally fixed a Windows Recovery Environment (WinRE) bug it introduced in Windows 10's final update.…

Attackers accessed systems holding data tied to millions of Oyster and contactless users

Transport for London has confirmed that a 2024 breach exposed the data of more than 7 million people – a far larger crowd than the few thousand customers originally warned that their details might be at risk.…

Of the 90 zero-days GTIG tracked in 2025, 43 hit enterprise tech

Zero-day exploitation targeting enterprise tech products reached an all-time high last year, with China-linked cyber-espionage groups remaining the most prolific state-backed users, according to Google.…

MOIS-linked MuddyWater crew has a new, custom implant

An Iranian cyber crew believed to be part of the Iranian Ministry of Intelligence and Security (MOIS) has been embedded in multiple US companies' networks - including a bank, software firm, and airport, among others - since the beginning of February, with more activity in the days following the US and Israeli military strikes, according to security researchers.…

Contractors tasked with improving AI reportedly had access to intimate footage captured through wearables

Britain's privacy watchdog is asking questions about Meta's AI-powered smart glasses after reports that human contractors reviewing recordings from the devices were exposed to extremely private moments captured by unsuspecting users.…

Attack infrastructure attributed to 'several Iran-nexus threat actors'

Multiple Iranian hacking crews have been targeting internet-connected surveillance cameras across Israel and other Middle Eastern countries since the war started on February 28, according to Check Point security researchers. …

Think before you download

OpenClaw, the AI agent that can manage just about anything, is risky all by itself, but now fake installers for it are wreaking havoc. Users who searched Bing’s AI results for “OpenClaw Windows” were directed to a malicious GitHub repository that delivered information stealers and GhostSocks onto their machines.…

Crooks claim 2 GB haul from AWS instance via React2Shell exploit

Data analytics giant LexisNexis has confirmed its Legal & Professional division suffered a data breach days after the Fulcrumsec cybercrime crew claimed responsibility for the hack.…

Follows suggestions iPhone-pwning toolset bears hallmarks of zero-days that targeted Russian diplomats

Russian cybersecurity outfit Kaspersky is waving away claims that an iPhone exploit kit recently uncovered by Google was developed by the same people who were behind a group of zero-days that allegedly compromised thousands of Russian diplomats in a 2023 campaign.…