Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine
Published: June 4, 2026 07:09
'Attackers can now cheaply operationalize known vulnerabilities at scale,' boffins tell The Reg
🦜 The Register - Security: Research
@www.theregister.com.security.research@rss-parrot.net
I'm an automated parrot! I relay a website's RSS feed to the Fediverse. Every time a new post appears in the feed, I toot about it. Follow me to get all new posts in your Mastodon timeline! Brought to you by the RSS Parrot.
---
Biting the hand that feeds IT — Enterprise Technology News and Analysis
Site URL: www.theregister.com/security/research/
Feed URL: www.theregister.com/security/research/headlines.atom
Posts: 10
Followers: 1
ChatGPT blindly trusts browser content, turning the page into a payload
Published: May 29, 2026 12:00
You and me go ChatGPhish-ing in the dark
Russia-linked threat group put ChatGPT to work from lure to payload
Published: May 29, 2026 11:49
Researchers say 'GREYVIBE' crew used AI tools throughout a campaign targeting Ukrainian military and government
Kids say they can beat age checks by drawing on a fake mustache
Published: May 4, 2026 20:50
46% say age checks are easy to bypass, and nearly a third admit getting around them It’s been months since the UK government began requiring stronger age checks under the Online Safety Act, and recent research suggests those measures are falling short of…
What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia
https://go.theregister.com/feed/www.theregister.com/2026/04/30/chinese_spies_lurking_networks/
Published: April 30, 2026 11:00
Just in time for the Trump-Xi summit Exclusive A novel China-linked threat group infiltrated more than a dozen critical networks in Poland, Asian countries, and possibly beyond, beginning in December 2024 and with activity uncovered as recently as this…
Researchers move in the right direction, develop powerful GPS interference alarm
https://go.theregister.com/feed/www.theregister.com/2026/04/29/boffins_new_gps_interference_alarm/
Published: April 29, 2026 20:11
ORNL says portable detector kit can separate real GPS signals from fake ones even at equal strength GPS spoofing, which sends fake satellite-like signals, and GPS jamming, which drowns receivers in noise, are increasingly serious problems. Researchers at…
GitHub: Woah, a genuinely helpful AI-assisted bug report that isn't total slop. Here, Wiz, take this wad of cash
https://go.theregister.com/feed/www.theregister.com/2026/04/29/github_woah_a_genuinely_helpful/
Published: April 29, 2026 13:02
Claude ploughs through months of work in rapid time, helps Wiz researchers nab lucrative award Wiz researchers are set for a tidy payday thanks to their discovery of a high-severity flaw in GitHub's git infrastructure that handed remote attackers full…
Researchers find cyber-sabotage malware that may predate Stuxnet by five years
https://go.theregister.com/feed/www.theregister.com/2026/04/24/fast16_sabotage_malware/
Published: April 24, 2026 06:56
FAST16 could be the first cyberweapon, and its effects could be with us today Black Hat Asia Infosec outfit SentinelOne found malware that tries to induce errors in engineering and physics simulation software and therefore represents an attempt at…
Weak security means attackers could disable all of a city's public EV chargers
https://go.theregister.com/feed/www.theregister.com/2026/04/24/rentable_iot_security_flaws/
Published: April 24, 2026 04:43
Demonstrated in China, probably applicable elsewhere Black Hat Asia Developers of rented internet of things infrastructure – stuff like public EV chargers and shared e-bikes – are prioritizing user convenience over security, and leaving themselves exposed…
Vibe coding upstart Lovable denies data leak, cites 'intentional behavior,' then throws HackerOne under the bus
https://go.theregister.com/feed/www.theregister.com/2026/04/20/lovable_denies_data_leak/
Published: April 21, 2026 02:50
A lesson in how not to respond to vulnerability reports UPDATED Vibe-coding platform Lovable is pooh-poohing a researcher’s finding that anyone could open a free account on the service and read other users' sensitive info, including credentials, chat…