January 2026

Ingram Micro admits summer ransomware raid exposed thousands of staff records

Maine filing confirms July attack affected 42,521 employees and job applicants Ingram Micro disclosed that a July 2025 ransomware attack compromised the personal data of tens of thousands of employees.…

UK prime minister stares down barrel of ban on social media for kids

Labour's latest U-turn? 61 backbenchers pile pressure for Starmer to back Tory peer's amendment The British government may impose a ban on under-16s using social media, despite Labour prime minister Keir Starmer having previously expressed skepticism over the measure.…

Fast Pair, loose security: Bluetooth accessories open to silent hijack

Sloppy implementation of Google spec leaves 'hundreds of millions' of devices vulnerable Hundreds of millions of wireless earbuds, headphones, and speakers are vulnerable to silent hijacking due to a flaw in Google's Fast Pair system that allows attackers to seize control without the owner ever touching the pairing…

Sorry Dave, I’m afraid I can’t do that! PCs refuse to shut down after Microsoft patch

Microsoft claims it's a Secure Launch bug We're not saying Copilot has become sentient and decided it doesn't want to lose consciousness. But if it did, it would create Microsoft's January Patch Tuesday update, which has made it so that some PCs flat-out refuse to shut down or…

German cops add Black Basta boss to EU most-wanted list

Ransomware kingpin who escaped Armenian custody is believed to be lying low back home German cops have added Russian national Oleg Evgenievich Nefekov to their list of most-wanted criminals for his services to ransomware.…

RondoDox botnet linked to large-scale exploit of critical HPE OneView bug

Check Point observes 40K+ attack attempts in 4 hours, with government organizations under fire A critical HPE OneView flaw is now being exploited at scale, with Check Point tying mass, automated attacks to the RondoDox botnet.…

Bankrupt scooter startup left one private key to rule them all

Owner reverse-engineered his ride, revealing authentication was never properly individualized An Estonian e-scooter owner locked out of his own ride after the manufacturer went bust did what any determined engineer might do. He reverse-engineered it, and claims he ended up discovering the master key that unlocks every scooter…

Probably not the best security in the world: Carlsberg wristbands spill visitor pics

Researcher shows how anyone can access Copenhagen experience attendees' names, videos Exclusive  The Carlsberg exhibition in Copenhagen offers a bunch of fun activities, like blending your own beer, and the Danish brewer lets you relive those memories by making images available to download after the tour is over.…

A simple CodeBuild flaw put every AWS environment at risk – and pwned ‘the central nervous system of the cloud’

And it's 'not unique to AWS,' researcher tells The Reg A critical misconfiguration in AWS's CodeBuild service allowed complete takeover of the cloud provider's own GitHub repositories and put every AWS environment in the world at risk, according to Wiz security researchers.…

US regulator tells GM to hit the brakes on customer tracking

Smart Driver pitched as safety app, but feds claim it's a data-harvesting scheme that jacked up premiums The Federal Trade Commission has banned General Motors and subsidiary OnStar from sharing drivers' precise location and behavior data with consumer reporting agencies for five years under a 20-year consent order…

Copyright © 2026 Lugapel