The Register – Security
New Linux malware targets the cloud, steals creds, and then vanishes 14 January 2026 at 21:39

New Linux malware targets the cloud, steals creds, and then vanishes

14 January 2026 at 21:39

Cloud-native, 37 plugins … an attacker's dream

A brand-new Linux malware named VoidLink targets victims' cloud infrastructure with more than 30 plugins that allow attackers to perform a range of illicit activities, from silent reconnaissance and credential theft to lateral movement and container abuse. …

The Register – Security
Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm 14 January 2026 at 01:36

Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm

The Register – Security

By: Jessica Lyons

14 January 2026 at 01:36

First Patch Tuesday of 2026 goes big

Microsoft and Uncle Sam have warned that a Windows bug disclosed today is already under attack.…

The Register – Security
Popular Python libraries used in Hugging Face models subject to poisoned metadata attack 13 January 2026 at 22:17

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

The Register – Security

By: Jessica Lyons

13 January 2026 at 22:17

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group

Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of downloads allow remote attackers to hide malicious code in metadata. The code then executes automatically when a file containing the poisoned metadata is loaded.…

Normal view

Cloud-native, 37 plugins … an attacker's dream

First Patch Tuesday of 2026 goes big

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group