Latest UK IT, cyber, hosting and MSP news

Palo Alto customers are being been told to patch yet another internet-facing security flaw after researchers caught attackers bypassing GlobalProtect authentication and gaining unauthorized VPN access. The flaw, tracked as CVE-2026-0257, affects PAN-OS deployments using GlobalProtect authentication override cookies under specific configurations. Palo Alto disclosed the bug on May 13 and initially assigned it a medium-severity rating, saying it was aware of attempts to exploit it but had not obs…

Grand Theft Auto cheat users have discovered that even the people selling ways around the rules struggle to follow some basic security ones. According to breach notification site Have I Been Pwned, the operators of Atlas Menu, a cheat service for Grand Theft Auto V and Counter-Strike 2, suffered a data breach in May that exposed information belonging to tens of thousands of users after an attacker allegedly gained access to the service's systems and dumped its database online. The breach expose…

The biggest threat to America’s midterm elections in November likely isn’t foreign attackers hacking US voting machines. Phishing and election-official impersonation are the bigger risks, according to Check Point, which documented more than 5,000 election-themed domains registered between April and May. These domains can be used by attackers for phishing, impersonation, fraud, misinformation, or influence activity, especially when coupled with about 17,000 exposed credentials associated with fu…

Security researchers on Monday found dozens of Red Hat npm package releases infected with the Mini Shai-Hulud worm that TeamPCP cybercriminals recently open-sourced. The new supply chain attack hit at least 32 npm package releases published under the Red Hat Cloud Services namespace, according to security researchers from Google-owned Wiz, who traced the malware to one Red Hat employee’s compromised GitHub account. They said the affected packages are downloaded around 80,000 times a week. “The …

The Police Service of Northern Ireland (PSNI) is warning the public to be wary of scammers spoofing its switchboard number in an attempt to profit by calling marks from a "trustworthy" number. A member of the public reported an attempted scam on Monday afternoon. A phone call came in from what appeared to be the PSNI’s switchboard number, and the caller pretended to be a member of the force inquiring about a case in which the recipient was involved. “The caller told the person there was an inve…

Updated Claude has gone offline on the day after its maker Anthropic filed for what is expected to be a blockbuster IPO. The popular chatbot and coding tool suffered an outage from around 0600 UTC on Tuesday, with Anthropic saying the team was investigating the issue. By 1042 UTC, the status page said a fix had been implemented and the technical team was monitoring the results. Some users continued to complain to The Register about the disruption after that point. Downdetector shows users repor…

Microsoft has moved to calm an increasingly noisy backlash from the security community after appearing to threaten legal action against a researcher who spent the past several weeks dumping Windows zero-days onto the internet. In a statement published on Monday, Redmond said it has "no intention to pursue action against individuals conducting or publishing security research”, a noticeably softer position than the one it adopted just days earlier when it condemned a string of public vulnerabilit…

Russia's domestic spy agency says it has uncovered a sprawling foreign espionage operation that allegedly turned the smartphones of senior Russian officials into pocket-sized surveillance devices, though it has so far offered little in the way of evidence. In a statement Tuesday, the Federal Security Service (FSB) claimed foreign intelligence agencies implanted malware on the mobile devices of high-ranking Russian officials, allowing operators to steal data, intercept conversations, and secretl…

Bug hunting has become a whole lot more exciting in recent months with both Anthropic and OpenAI touting their latest models (that also happen to be super-scary exploit machines). On Tuesday, as Anthropic announced a fourfold expansion to its Mythos preview program, Cisco jumped into the fray, praising the transformative power of AI - but without disclosing how many bugs the latest frontier models found. Cisco SVP Anthony Grieco in a Tuesday blog said that the advanced AI systems, including Ant…

Even ransomware cartels make mistakes, and in this case, it was a biggie that could have landed the responsible crim in a Russian gulag: accidentally infecting a company located in a Commonwealth of Independent States country. In what threat-hunter Dominic Alvieri deemed the ransom “dumbass of the day,” Nova, the affiliate program for ransomware crew RAlord, on Tuesday issued an apology to Eriell Group, a major oilfield services company with headquarters in Uzbekistan and a corporate office in …

Updated: UK banks are set to receive access to OpenAI’s GPT-5.5 Cyber after being excluded from Anthropic’s latest expansion of Project Glasswing. Project Glasswing, and access to the Mythos Preview model, is geared toward ensuring critical infrastructure providers are prepared to handle the threat posed by advanced AI models, once they inevitably make their way into the public domain, and therefore the hands of attackers. However, amid a fourfold expansion of Glasswing’s partners, only JPMorga…

UPDATED Yet another aggrieved bug hunter has leaked a vulnerability affecting a Microsoft product after becoming disillusioned with the way the company handles security reports. Ammar Askar dropped a proof of concept (PoC) exploit for a Visual Studio Code (VS Code) flaw within just an hour of disclosing it to “an old contact” at the open source platform, according to his account of things. The vulnerability he exposed involves attackers configuring repos, either of their own making or those the…

Wireless jamming attacks are on the rise. Rice University researchers have shown how self-curving radio beams can make a jammer appear to be somewhere it isn't, potentially undermining some anti-jamming defenses. Jamming relies on flooding a wireless receiver with noise that denies service. Some modern receivers identify and block jamming attempts using direction-of-arrival (DoA) estimation technology that pinpoints the jammer's direction and directs an array null that blocks signals emanating …

AI-enabled cybercriminals have better tools and are inflicting more pain on their victims, wiping out virtual machines and hypervisors and leaving infrastructure in a "dark, dead" state after an attack, said Commvault Chief Technology Officer Brian Brockway. "The majority of cyber cases that we've seen in the customer base have moved well beyond the breaking inside, and encrypting and corrupting some of your key files and folders, to taking over control of your entire VM environment, wiping out…

PWNED Welcome back to PWNED, the weekly column where we talk about weak security policies and how to avoid them. Hopefully, we can learn from others’ mistakes – or at least have a good laugh at them. Have a story about someone leaving a gaping hole in their network? Share it with us at pwned@sitpub.com. Anonymity is available upon request. This week, we have a tale of password passivity involving Active Directory. It comes to us courtesy of Rob Anderson, head of reactive consulting services at …

There's a lot of fear surrounding the bug-finding capabilities of super-advanced AI models like Anthropic's Mythos and OpenAI's GPT 5.5-Cyber. But attackers are already using free, publicly available LLMs to hijack networks and worm through software supply chains at a much lower cost – to them at least. The latest example comes from University of Toronto researchers, who used an unnamed, publicly available open-weight model released in 2025 to develop a computer worm that they claim spread thro…

Two former RAC workers in the UK have three months to pay more than £118,000 ($158,500) collectively after being convicted of selling crash victims’ data, according to the Information Commissioner’s Office (ICO). Debbie Okparavero and Maliha Islam, of Salford and Manchester respectively, were sentenced to six-month prison stints, suspended for 18 months, and 150 hours’ unpaid work in 2024, after being found guilty of offenses under the Computer Misuse Act 1990 and the Data Protection Act 2018. …

MI5 and its international allies are once again warning that China is shopping for state secret leakers on popular recruitment platforms, including LinkedIn, Indeed, and Upwork. In a fresh advisory published on Wednesday evening, the UK’s domestic counter-intelligence agency said China is using an increasing number of platforms to recruit those who have access to classified or privileged information. Chinese military intelligence officers specifically target security clearance holders, includin…

The next threat your server faces may have been helped along by a bot. OpenAI's Codex agent helped uncover a remote denial-of-service (DoS) exploit that can be launched from a single machine to render vulnerable web servers inaccessible in seconds, according to Calif security researchers. The attack works on default HTTP/2 configurations of major web servers including nginx, Apache HTTP Server, Microsoft IIS, Envoy, and Cloudflare Pingora. As of Thursday, Microsoft IIS and Cloudflare Pingora st…