
Critical Erlang/OTP SSH pre-auth RCE is ‘Surprisingly Easy’ to exploit, patch now
A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. The flaw was discovered by Fabian Bäumer, Marcus Brinkmann, Marcel Maehren, and Jörg...

Krebs resigns from SentinelOne after Trump memo targets him • The Register
Chris Krebs, the former head of the US Cybersecurity and Infrastructure Security Agency (CISA) and a longtime Trump target, has resigned from SentinelOne following a recent executive order that targeted him and revoked the security clearances of everybody at...

Ahold Delhaize confirms data theft after INC ransomware claims attack
Food retail giant Ahold Delhaize confirms that data was stolen from its U.S. business systems during a November 2024 cyberattack. "Based on our investigation to date, certain files were taken from some of our internal U.S. business systems," a spokesperson...

British Army harnesses radio waves to fry drone swarms • The Register
British soldiers have successfully taken down drones with a radio-wave weapon. The demonstrator weapon, a type of Radiofrequency Directed Energy Weapon (RF DEW), uses high-frequency radio waves to disrupt the electronic components inside drones, resulting in...

Over 16,000 Fortinet devices compromised with symlink backdoor
Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices. This exposure is being reported by threat monitoring platform The...

Identifying the cyber risks that matter • The Register
Partner content A vast majority of security teams are overwhelmed by the large number of security alerts and vulnerabilities. As attack surfaces expand and adversaries evolve their tactics, it is becoming increasingly hard to separate noise from actual threat....

What are infostealers and how do I stay safe?
Here's what to know about malware that raids email accounts, web browsers, crypto wallets, and more – all in a quest for your sensitive data 16 Apr 2025 • , 6 min. read In the world of cybercrime, information is a means to an end. And that end, more often...

MITRE warns that funding for critical CVE program expires today
MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could lead to widespread disruption across the global cybersecurity...

Homeland Security funding for CVE program expires • The Register
US government funding for the world's CVE program – the centralized Common Vulnerabilities and Exposures database of product security flaws – ends Wednesday. The 25-year-old CVE program plays a huge role in vulnerability management. It is responsible overseeing...

Landmark Admin data breach impact now reaches 1.6 million people
Landmark Admin has issued an update to its investigation of a cyberattack it suffered in May 2024, increasing the number of impacted individuals to 1.6 million. Landmark is a Texas-based third-party administrator (TPA) handling policy accounting, regulatory...