惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Cyberwarzone
Cyberwarzone
F
Full Disclosure
V
Visual Studio Blog
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
有赞技术团队
有赞技术团队
J
Java Code Geeks
博客园 - 【当耐特】
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 叶小钗
L
LINUX DO - 最新话题
T
Threatpost
S
SegmentFault 最新的问题
Vercel News
Vercel News
云风的 BLOG
云风的 BLOG
C
Cyber Attacks, Cyber Crime and Cyber Security
Google DeepMind News
Google DeepMind News
Know Your Adversary
Know Your Adversary
S
Schneier on Security
V
Vulnerabilities – Threatpost
D
DataBreaches.Net
G
GRAHAM CLULEY
Latest news
Latest news
P
Privacy International News Feed
D
Darknet – Hacking Tools, Hacker News & Cyber Security
C
CXSECURITY Database RSS Feed - CXSecurity.com
Scott Helme
Scott Helme
L
Lohrmann on Cybersecurity
T
The Exploit Database - CXSecurity.com
Security Latest
Security Latest
G
Google Developers Blog
L
LangChain Blog
MyScale Blog
MyScale Blog
Project Zero
Project Zero
N
News and Events Feed by Topic
Hacker News - Newest:
Hacker News - Newest: "LLM"
大猫的无限游戏
大猫的无限游戏
P
Proofpoint News Feed
Blog — PlanetScale
Blog — PlanetScale
阮一峰的网络日志
阮一峰的网络日志
N
News | PayPal Newsroom
www.infosecurity-magazine.com
www.infosecurity-magazine.com
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
SecWiki News
SecWiki News
T
Tor Project blog
C
Check Point Blog
Google Online Security Blog
Google Online Security Blog
GbyAI
GbyAI
The Last Watchdog
The Last Watchdog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
WordPress大学
WordPress大学

The Register - Security

India's cyber agency sets clock at 12 hours to tackle exploited bugs as AI turns up the heat Are we human? MyPillow must decide whether to be firm or soft as ransomware crims demand pay Experts pour cold borscht on Farage's Russian hack claim AI eyes scanning for bugs create a worrisome Linux security trend A Russian speaker and jailbroken Gemini went on a hacking spree and emptied at least one MAGA victim's crypto wallets Techie claims Trump Mobile website was leaking thousands of people's data Dems slam Trump for making cybersecurity hold out the tin cup while splurging on ballroom and Jan. 6 'slush fund' Attackers spill plaintext passwords of 46k Myspace93 users after 2021 breach Microsoft open-sources agentic AI safety tools Are we human? America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames America's top cyber-defense agency left a GitHub repo open with passwords, keys, tokens – and incredibly obvious filenames Shai-Hulud copycat worm infects yet another npm package MPs want social media treated more like unsafe toys than harmless apps Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data To gain root access, intruder just had to ask AWS patched Quick auth bypass, says customers weren't using control Disgruntled researcher releases two more Microsoft zero-days Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub Foxconn confirms cyberattack after ransomware crew claims it stole confidential Apple, Nvidia files US bank reports itself after slinging customer data at 'unauthorized AI app' Anthropic’s bug-hunting Mythos was greatest marketing stunt ever, says cURL creator Best Western Hotels confirms web app data breach Arctic Wolf cuts 250 jobs in AI push 1 in 8 workers say selling company logins is justifiable Iran cyberspies LARPing as ransomware crims in espionage ops UK age-gating plans risk breaking the internet, privacy groups warn India orders infosec red alert in case Mythos sparks crime 'CopyFail' attackers start cashing in on Linux flaw ShinyHunters claims dump puts 119K Vimeo emails in the wild ShinyHunters claims 119K Vimeo emails in the wild Singapore boffins get diverse SIEMs singing in harmony Shadow IT has given way to shadow AI. Enter AI-BOMs AI-BOMs replace SBOMs as way to track AI agents and bots Home Office adds £216M to travel doc contract before bids FBI: China's hacker-for-hire ecosystem 'out of control' UK business breach rate stuck at 43%... blame the phishing What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia Chinese spy group caught lurking in Poland, Asia networks Critical cPanel, WHM flaw probs exploited as 0-day, pros say ORNL builds more sensitive GPS interference detector Microsoft patch fell short. New Windows flaw exploited Fooling large language models just keeps getting simpler Wiz hands GitHub AI-aided bug report that isn Don’t pay VECT a ransom - your big files are likely gone Pitney Bowes the latest victim of ShinyHunters’ breach-spree Ongoing supply-chain attack targets security, dev tools Medical and utility tech companies admit digital breakins Cybersecurity professional getting more work and less pay Crime crew impersonates help desk, abuses Teams chats ShinyHunters claim they have cruise giant Carnival’s booty CISA, NCSC issue Firestarter backdoor warning Intel expects AI inference to drive demand for its CPUs Open source models can find bugs as well as Mythos Researchers find sabotage malware that may predate Stuxnet Attackers could disable all of a city's public EV chargers Age checks could turn internet into an ID checkpoint, complains Proton CEO If malware via monitor cables is a matter of national security, this might be the gadget for you France's 'Secure' ID agency probes breach as crooks claim 19M records Scotland Yard can keep using live facial recognition on Londoners, say judges Murder, she wrote: Ex-FBI chief wants some ransomware crims charged with homicide macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets Yet another ex-ransomware negotiator admits turning rogue after payoff from crimelords AI-assisted intruders pwned Vercel via OAuth abuse and a pilfered employee account Crook claims to leak 'video surveillance footage' of companies Met police trials snoop tech platform in push to cuff more London shoplifters Adaptavist Group breach spawns imposter emails as ransomware crew claims mega-haul Panasonic creates device-locked QR codes to speed facial biometric capture Iran claims US used backdoors to knock out networking equipment during war Vibe coding upstart Lovable denies data leak, cites 'intentional behavior,' then throws HackerOne under the bus Scot becomes second Scattered Spider-linked crook to plead guilty in US Just like phishing for gullible humans, prompt injecting AIs is here to stay Locked-out iPhone user tells The Reg that Apple is scrambling to fix character flaw passcode bug Git identity spoof fools Claude into giving bad code the nod McGraw Hill linked to 13.5M-record data leak Microsoft announces product it doesn't want anyone to buy Server-room lock was nothing but a crock Nobody knows how many CVEs Anthropic's Project Glasswing has actually found Autovista blames ransomware for service disruption French cops free mother and son after crypto kidnapping UK told its Big Tech habit is now a national security risk Commvault has a Ctrl+Z for rogue AI agents No honor among thieves as 0APT threatens rival ransomware gang Krybit Fake Linux leader using Slack to con devs into giving up their secrets Booking.com warns of possible reservation data exposure NHS pays £46K to prep next Microsoft licensing round China wants AI to prepare school lessons and mark homework Anthropic's Mythos has The Kettle crew curious, skeptical Two different attackers poisoned popular open source tools Hungary officials used weak passwords exposed in breach dump CPUID hijacked to serve malware as HWMonitor downloads Unpacking AI security 2026 from experimentation agentic era Microsoft locks out top open source devs, blames process NHS Scotland-linked domains push pr0n and illegal streams Iran cyber actors disrupting US water, energy facilities, FBI warns Russia's Fancy Bear still attacking routers to boost fake sites, NCSC warns AI agents found vulns in this Linux and Unix print server Don't glamorize cybercrims, roast them instead Trump wants to take a battle axe to CISA again and slash $707M from budget
Nation-states want to cause harm, not just steal cash - stop handing your cyber defenses to the cheapest contractor
Connor Jones · 2026-04-22 · via The Register - Security

State-sponsored cyberattacks from Chinese intelligence and military agencies display "an eye-watering level of sophistication," UK National Cyber Security Centre CEO Richard Horne is expected to say in a less-than-cheery opening speech to kick off its annual conference.

The NCSC has in previous years labelled the threat posed by China in cyberspace as "epoch-defining," although Horne re-jiggered this description in his opening plenary at CYBERUK 2026.

According to a transcript of his speech shared with The Register ahead of time, Horne will tell delegates attending the Glasgow conference on Wednesday that China is no longer just a capable cyber threat, but thanks to its whole-of-state approach, it now represents "a peer competitor in cyberspace."

In October, the UK cyber agency warned that it had handled an average of four nationally significant cyberattacks a week over the previous year, with state-linked threats from China, Russia, Iran, and North Korea remaining among its chief concerns.

The NCSC, alongside its partners like the National Protective Security Authority, says Russia is continuing to launch hybrid attacks against Britain and EU countries it considers hostile, all while using the techniques honed during the invasion of Ukraine.

The annual event comes weeks after reports that the UK is readying the nation - both in terms of its military and civilian population - for wartime.

Horne is to say: "We can't know over the next ten years whether the UK will be in a state of conflict. But we do know that we must prepare for that eventuality. The Strategic Defence Review told us.

"We do know from conflicts around the world this last year that cyber operations are now integral to conflict, as much a reality of modern warfare as drones and missiles. And the scope of targeting is getting wider. The attacks on the Polish energy sector in December are a stark reminder of that reality, that cybersecurity is the home front."

Cyber practitioners, such as those in the National Cyber Force, will continue to carry out offensive operations that "protect our nation, countering those who would do us harm," according to the NCSC CEO.

Unlike ransomware, these attacks can damage critical national infrastructure, and they cannot be brushed away with a simple payment.

"Defending against that means every organization embedding cybersecurity into their corporate mission, ensuring they understand the full extent of risk they face, build defense in depth so that initial footholds by an attacker don't result in catastrophic impact. And they can respond to remain operational and rebuild following a successful attack.

"We should already be at the point where paying ransoms in the face of destructive attacks simply doesn't happen, with every organization ready for the day when paying their way out just isn't an option."

AI, obviously

Together with today's geopolitics and the frontier artificial intelligence models on the horizon, the UK faces a period of "tumultuous uncertainty" that requires a significant shift in culture for cyber defense, the NCSC bigwig is expected to claim.

Horne will break no new ground on AI, though he will make the case for embracing it in defense before adversaries weaponize it for new forms of attack. His sharper point is that AI will act as a torch shone into the rot already baked into today's software, exposing long-buried vulnerabilities and the shoddy security fundamentals too many in the industry have quietly tolerated.

"We must embrace it, secure it, and shape it."

It is time for the "naïve" organizations not viewing their technology base "as core to their prosperity and security," to drive this industry-wide change toward greater resilience, Horne argues.

"We cannot manage the risk in isolation. Our job is now to catalyze the change we need in our organizations - a cultural shift – so that everyone, whether they sit on the board or the IT help desk, knows that cybersecurity is part of their mission. That it is not just the responsibility of the few, but a shared mission – core to the purpose of every organization.

"Driving that cultural shift demands that we think differently, with greater diversity of skills, minds, and backgrounds, for us as a community to be bold, to make the case for cyber security and resilience as a strategic investment. Not a cost to be minimized."

It's a message the NCSC might usefully stencil onto the foreheads of every CIO who has ever convinced themselves that outsourcing security to the lowest bidder counts as a strategy. That arrangement tends to look considerably less clever when the wolves are at the door — and the wolves Horne has in mind are not your garden-variety ransomware crews with an eye on a quick payday.

Nation-state cyber baddies want something far harder to recover than money: your infrastructure, your secrets, your leverage. You don't get those back with a wire transfer. ®