❌

Normal view

Received β€” 26 April 2026 ⏭ The Register – Security

ShinyHunters claim they have cruise giant Carnival's booty as 7.5M emails surface

24 April 2026 at 17:35

Leak-site bragging meets breach hunters as Have I Been Pwned flags millions of records

Carnival Corporation, the world's largest cruise company, is dealing with choppy waters after Have I Been Pwned flagged what it claimed were 7.5 million unique email addresses all allegedly tied to one of its subsidiaries. …

It's a myth that you need Mythos to find bugs: Open source models can do it just as well

24 April 2026 at 13:41

OpenAI's first security hire, Ari Herbert-Voss, thinks more automated bug finding will improve security without costing jobs

Black Hat AsiaΒ  Open source models can find bugs as effectively as Anthropic's Mythos, according to Ari Herbert-Voss, CEO of AI-powered security startup RunSybil and OpenAI's first security hire.…

UK gov pays public Β£550 to discuss Digital ID – then bans journalists from the room

24 April 2026 at 10:30

Nothing says 'We want honest opinions' like a 36,000-letter mailshot with no awkward questions allowed

Members of the UK government’s People’s Panel on Digital ID will spend two weekends in Birmingham and three evenings on Zoom discussing how Britain should build a national digital identity system, earning Β£550 plus expenses for their trouble.…

Researchers find cyber-sabotage malware that may predate Stuxnet by five years

24 April 2026 at 08:56

FAST16 could be the first cyberweapon, and its effects could be with us today

Black Hat AsiaΒ  Infosec outfit SentinelOne found malware that tries to induce errors in engineering and physics simulation software and therefore represents an attempt at sabotage, and suggests it was created years before the Stuxnet worm that aimed to destroy Iran’s uranium enrichment centrifuges.…

Weak security means attackers could disable all of a city's public EV chargers

24 April 2026 at 06:10

Demonstrated in China, probably applicable elsewhere

Black Hat AsiaΒ  Developers of rented internet of things infrastructure – stuff like public EV chargers and shared e-bikes – are prioritizing user convenience over security, and leaving themselves exposed to wide-scale denial of service attacks on their services.…

❌