SonicWall releases rootkit-busting firmware update following wave of attacks Security vendor's no good, very bad week year SonicWall on Monday released a firmware update that the security vendor says will remove rootkit malware deployed in recent attacks targeting Secure Mobile Access (SMA) 100 appliances.… #theregister #IT

SonicWall releases rootkit-busting firmware update

: Security vendor's no good, very bad week year

AI coding hype overblown, Bain shrugs Tried by two-thirds of firms, ignored by most devs, and productivity barely moved Software development was one of the first areas to adopt generative AI, but the promised revolution has so far delivered only modest productivity gains, and Bain says only a full rethink of the software lifecycle will shift the dial.… #theregister #IT

AI coding hype overblown, Bain shrugs

: Tried by two-thirds of firms, ignored by most devs, and productivity barely moved

Third time's the charm? SolarWinds (again) patches critical Web Help Desk RCE Or maybe 3 strikes, you're out? SolarWinds on Tuesday released a hotfix - again - for a critical, 9.8-severity flaw in its Web Help Desk IT ticketing software that could allow a remote, unauthenticated attacker to run commands on a host machine. … #theregister #IT

SolarWinds patches critical RCE - for the third time

: Or maybe 3 strikes, you're out?

OnePlus leaves researchers on read over Android bug that exposes texts Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won't pick up Security researchers report that OnePlus smartphone users remain vulnerable to a critical bug that allows any application to read SMS and MMS data — a flaw that has persisted since late 2021.… #theregister #IT

Rapid7: OnePlus phones vulnerable to SMS theft since 2021

Updated: Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won't pick up

MX Linux 25 reaches beta testing – complete with systemd Fancy a taste? The version based on Debian 'Trixie' is nearly ready, but not all the changes may be entirely welcome The new Debian-13 version of MX Linux, version 25, is looking very close to ready for release. A big change may divide its audience, though.… #theregister #IT

MX Linux 25 reaches beta testing – complete with systemd

: Fancy a taste? The version based on Debian 'Trixie' is nearly ready, but not all the changes may be entirely welcome

SIM city: Feds say 100,000-card farms could have killed cell towers in NYC Secret Service seizes 300-server network allegedly tied to nation-state hackers The US Secret Service has dismantled a network of SIM farms in and around New York City it claims was behind multiple incidents targeting senior government officials and had enough power to disrupt entire cellular networks.… #theregister #IT

Secret Service dismantles 100,000 SIM card farm network

: Secret Service seizes 300-server network allegedly tied to nation-state hackers

Kaspersky: RevengeHotels checks back in with AI-coded malware Old hotel scam gets an AI facelift, leaving travellers’ card details even more at risk Kaspersky has raised the alarm over the resurgence of hotel-hacking outfit "RevengeHotels," which it claims is now using artificial intelligence to supercharge its scams.… #theregister #IT

Kaspersky: RevengeHotels returns with AI-coded malware

: Old hotel scam gets an AI facelift, leaving travellers’ card details even more at risk

OpenSSF warns that open source infrastructure doesn't run on thoughts and prayers Foundations say billions of downloads rely on registries running on fumes – and someone's gotta pay the bills The Open Source Security Foundation (OpenSSF) has had enough of being the unpaid janitor of the world's software supply chain.… #theregister #IT

OpenSSF to freeloaders: Open source infra isn

: Foundations say billions of downloads rely on registries running on fumes – and someone's gotta pay the bills

GitHub moves to tighten npm security amid phishing, malware plague Hundreds of compromised packages pulled as registry shifts to 2FA and trusted publishing GitHub, which owns the npm registry for JavaScript packages, says it is tightening security in response to recent attacks.… #theregister #IT

GitHub to remove weak security options for npm registry

: Hundreds of compromised packages pulled as registry shifts to 2FA and trusted publishing

Oracle gets to store US users' TikTok data, says Trump President to announce details on Big Red’s storage and security deal for Chinese social media phenomenon later this week The White House has promised that all US user data on TikTok will be stored on Oracle servers in the United States, according to a deal to be announced later this week.… #theregister #IT

Oracle gets to store US TikTok user data

: President to announce details on Big Red’s storage and security deal for Chinese social media phenomenon later this week