May 2025

Unending ransomware attacks are a symptom, not the sickness

We need to make taking IT systems 'off the books' a problem for corporate types Opinion  It's been a devastating few weeks for UK retail giants. Marks and Spencer, the Co-Op, and now uber-posh Harrods have had massive disruptions due to ransomware attacks taking systems down for prolonged…

DOGE worker’s old creds found exposed in infostealer malware dumps

PLUS: Celsius scammer sent to slammer; Death-by-hacking victim warns you're never safe; and more Infosec in brief  Good cybersecurity habits don't appear to qualify anyone to work at DOGE, as one Musk minion seemingly fell victim to infostealer malware.…

You think ransomware is bad now? Wait until it infects CPUs

Rapid7 threat hunter wrote a PoC. No, he's not releasing it RSAC  If Rapid7's Christiaan Beek decided to change careers and become a ransomware criminal, he knows exactly how he'd innovate: CPU ransomware.…

Feds disrupt proxy-for-hire botnet, indict four alleged net miscreants

The FBI also issued a list of end-of-life routers you need to replace Earlier this week, the FBI urged folks to bin aging routers vulnerable to hijacking, citing ongoing attacks linked to TheMoon malware. In a related move, the US Department of Justice unsealed indictments against four foreign…

UK Ministry of Defence is spending less with US biz, and more with Europeans

France's share of MOD cash is growing while the US's shrinks The UK's Ministry of Defence (MOD) is gradually shifting its spending from the US to Europe, according to research from Tussell.…

VC behemoth Insight Partners fears top-secret financial info swiped by cyber-miscreants

Weapons-grade fuel for fraud Insight Partners, a mega venture capital firm with more than $90 billion in funds under management, fears network intruders got their hands on internal sensitive data about employees, portfolio companies, investors, and more.…

openSUSE deep sixes Deepin desktop over security stink

Linux giant finds Chinese environment to be perilous beneath pretty exterior SUSE has kicked the Deepin Desktop Environment (DDE) out of its community-driven Linux distro, openSUSE, and the reasons it gives for doing so are revealing.…

Sudo-rs make me a sandwich, hold the buffer overflows

Ubuntu 25.10 fitted with Rust-written admin tool by default for memory safety's sake Canonical's Ubuntu 25.10 is set to make sudo-rs, a Rust-based rework of the classic sudo utility, the default – part of a push to cut memory-related security bugs and lock down core system components.…

PowerSchool paid thieves to delete stolen student, teacher data. Looks like crooks lied

Now individual school districts extorted by fiends An education tech provider that paid a ransom to prevent the leak of stolen student and teacher data is now watching its school district customers get individually extorted by either the same ransomware crew that hit it – or someone connected…

After that 2024 Windows fiasco, CrowdStrike has a plan – jobs cuts, leaning on AI

CEO: Neural net tech 'flattens our hiring curve, helps us innovate' CrowdStrike – the Texas antivirus slinger famous for crashing millions of Windows machines last year – plans to cut five percent of its staff, or about 500 workers, in pursuit of "greater efficiencies," according to CEO and…

Copyright © 2026 Lugapel