Cybersecurity editor @theregister.com Contact me with tips: [email protected] or jess.825 on Signal
Mama bear, book worm, outdoor lover, coffee and wine snob. PNW after decades in Santa Cruz but Blazers fan always.
Jessica Lyons
If you have a Fortinet firewall, it's time to stop and change your passwords. Intruders somehow gained access to around 75,000 Fortinet firewall devices and stole credentials belonging to major corporations across 194 countries, in some cases leading to full network compromise.
"I'm concerned about what they are leaving behind: What type of C2 on a sleep cycle is still lingering in these environments?" TrendAI VP Tom Kellermann told me in an exclusive interview about the never-before-seen campaign.
An npm-slop package “mouse5212-super-formatter” targeting Claude users and acting as a stealer reached 676 downloads before being removed from the registry - and after making a major vibe coding blunder.
Thank you @jessicalyons.bsky.social & @theregister.com for letting me call ShinyHunters scumbags 😂
Data theft and extortion group ShinyHunters exploited a critical Oracle PeopleSoft bug as a zero-day to compromise more than 100 organizations, including the University of Nottingham, across 300 vulnerable instances, beginning in May.
Turns out Gemini makes a perfect hacking partner.
Nightmare Eclipse, the prolific bug hunter and possibly disgruntled ex-Microsoft employee, released another 0-day - this one is No. 7 - just hours after Microsoft's Patch Tuesday security updates. www.theregister.com/security/202...
The “jailbreak” that prompted the Trump administration to block Anthropic’s most advanced models was a three-word prompt: “Fix this code.” That's according to Luta Security CEO @k8em0.bsky.social - the only outside expert to read the research paper on the guardrail bypass that prompted the ban.
"A national agency having 844 MB of production infrastructure material in a public GitHub repository for six months is as serious as a secrets leak gets," GitGuardian researcher Guillaume Valadon told me.
“At first, yes, this means more patches and thus more work for admins,” @dustinchilds.bsky.social told me. “The goal over time would be to eliminate as many as possible, and, over time, that monthly number goes down.”
Why are you even reading this?! Rotate your passwords!!