Google sues 25 alleged BadBox 2.0 botnet operators • The Register
Google has filed a lawsuit against 25 unnamed individuals in China it accuses of breaking into more than 10 million devices worldwide and using them to build a botnet, called BadBox 2.0, and then to carry out other cybercrimes and fraud. "As of April 2025,...
VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin
VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025. Three of the patched flaws have a severity rating of 9.3, as they allow programs...
Watch out, another max-severity Cisco bug on the loose • The Register
Updated Cisco has issued a patch for a critical 10 out of 10 severity bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could allow an unauthenticated, remote attacker to run arbitrary code on the operating system with...
Quantum computers still can’t factor as well as an abacus • The Register
The US National Institute for Standards and Technology (NIST) has been pushing for the development of post-quantum cryptographic algorithms since 2016. "If large-scale quantum computers are ever built, they will be able to break many of the public-key...
Microsoft extends updates for old Exchange and Skype servers • The Register
Microsoft has extended its security update programs for Exchange Server 2016 and 2019, and Skype for Business 2015 and 2019. The software behemoth announced the extension on Wednesday in twin posts that note the aforementioned products are “going out of support...
Co-op confirms data of 6.5 million members stolen in cyberattack
UK retailer Co-op has confirmed that personal data of 6.5 million members was stolen in the massive cyberattack in April that shut down systems and caused food shortages in its grocery stores. Co-op (short for the Co-operative Group) is one of the United...
U.S. Army soldier pleads guilty to extorting 10 tech, telecom firms
A 21-year old former U.S. Army soldier pleaded guilty to charges of hacking and extorting at least ten telecommunications and technology companies in the country. Cameron John Wagenius was arrested in Texas on December 20, 2024 and indicted in the Western...
Ukrainian hackers claim IT attack on Russian drone maker • The Register
Ukrainian hackers claim to have taken out the IT infrastructure at Russia's Gaskar Integration plant, one of the largest suppliers of drones for its army, and also destroyed massive amounts of technical data related to drone production. Or, as described by the...
Cops bust Russian hacktivist crime org, shut down servers • The Register
International cops shut down more than 100 servers belonging to the pro-Russian NoName057(16) network this week as part of the Europol-led Operation Eastwood. The joint law enforcement effort involved 19 countries across Europe and North America, and resulted...
SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware
A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported SonicWall Secure Mobile Access appliances. The backdoor is a user-mode rootkit that allows hackers to hide...