2025

Boffins say tool can sniff 5G traffic, launch ‘attacks’ without using rogue base stations

Sni5Gect research crew targets sweet spot during device / network handshake pause Security boffins have released an open source tool for poking holes in 5G mobile networks, claiming it can do up- and downlink sniffing and a novel connection downgrade attack - plus "other serious exploits" they're keeping…

Every question you ask, every comment you make, I’ll be recording you

When you're asking AI chatbots for answers, they're data-mining you Opinion  Recently, OpenAI ChatGPT users were shocked – shocked, I tell you! – to discover that their searches were appearing in Google search. You morons! What do you think AI chatbots are doing? Doing all your homework for…

Someone’s poking the bear with infostealers targeting Russian crypto developers

If you wanted to hurt Putin’s ransomware racketeers, these info-stealing npm packages are one way to do it Researchers at software supply chain security outfit Safety think they’ve found malware that targets Russian cryptocurrency developers, and perhaps therefore Russia’s state-linked ransomware crews…

Election workers fear threats and intimidation without feds’ support in 2026

'Hope for the best, but prepare for the worst,' one tells The Reg Feature  Bill Gates, an Arizona election official and former Maricopa County supervisor, says that the death threats started shortly after the 2020 presidential election.…

Typhoon-adjacent Chinese crew broke into Taiwanese web host

Is that a JuicyPotato on your network? A suspected Chinese-government-backed cyber crew recently broke into a Taiwanese web hosting provider to steal credentials and plant backdoors for long-term access, using a mix of open-source and custom software tools, Cisco Talos reports.…

Cisco’s Secure Firewall Management Center now not-so secure, springs a CVSS 10 RCE hole

Switchzilla's summer of perfect 10s Cisco has issued a patch for a maximum-severity bug in its Secure Firewall Management Center (FMC) software that could allow an unauthenticated, remote attacker to inject arbitrary shell commands on vulnerable systems.…

Cyberattack on Dutch prosecution service is keeping speed cameras offline

Who knew zero-days could be so useful to highway speedsters? The lingering effects of a cyberattack on the Public Prosecution Service of the Netherlands are preventing it from reactivating speed cameras across the country.…

Telco giant Colt suffers attack, takes systems offline

London-based multinational takes customer portal and Voice API platform offline as 'protective measure' following breach Updated  Multinational telco Colt Technology Services says a "cyber incident" is to blame for its customer portal and other services being down for a number of days.…

LLM chatbots trivial to weaponize for data theft, say boffins

System prompt engineering turns benign AI assistants into 'investigator' and 'detective' roles that bypass privacy guardrails A team of boffins is warning that AI chatbots built on large language models (LLM) can be tuned into malicious agents to autonomously harvest users’ personal data, even by attackers with "minimal…

Should UK.gov save money by looking for open source alternatives to Microsoft? You decide

As £9 billion MoU sparks debate about value for money, it's time to have your say Register debate series  It's a lot of money, £9 billion ($12 billion). Especially for a government which finds itself — for whatever reason — in a fiscal dead end.…

Copyright © 2026 Lugapel