Crims found the soft spot in the company's security. MyPillow, the US-based bedding brand founded by election conspiracy theorist Mike Lindell, has been listed by Play ransomware extortionists as an alleged victim. The pillow shop first appeared on Play’s name-and-shame data leak site on Monday, with the gang threatening to leak stolen data by Friday if MyPillow execs don’t pay the ransom demand. While the extortionists didn’t specify how many gigabytes of data they allegedly stole from MyPillow, they claim it includes “private and personal confidential data, client documents, budget, payroll, IDs, taxes, finance information” and more, according to the dark-web post seen by The Register and shared on social media by threat-intel firm FalconFeeds. MyPillow did not immediately respond to The Register’s inquiries. We will update this story if we receive any response. As of May 2025, the FBI said Play ransomware operators had allegedly exploited about 900 organizations, and the crew’s ransomware variant consistently ranks among the top five targeting critical infrastructure. Play previously stole around 65,000 Swiss government files after breaching its IT supplier Xplain in 2023. A year later, the group hacked Microchip Technology. The American semiconductor manufacturer told regulators that the ransomware attack disrupted some of its business operations and cost it $21.4 million in expenses related to the security incident. North Korean government goons have also used Play ransomware in their intrusions. Cisco Talos' incident responders previously told The Register that Play was one of the crews that used so-called "EDR killers" to disable endpoint security products in their ransomware infections. MyPillow is probably best known for its founder and CEO's politics. Lindell is a major proponent of President Trump’s false claims that the 2020 election was stolen, and is now running for Minnesota governor. ®

Some internet connectivity is returning in Iran after nearly 90 days offline, web monitoring groups say. But it isn’t clear if the reconnection is permanent.

Firefox is alive and well - and offering a fast, customizable, bloat-free, private, secure browsing experience from developers who care.

submitted by /u/nibblesec
[link] [comments]

The Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at least nine organizations across nine countries on four continents in the first quarter of 2026. The activity targeted industrial and electronics manufacturing, education and public-sector bodies, financial services, and professional services, per the Threat Hunter Team from Symantec and Carbon Black.

submitted by /u/AnywhereOk3723
[link] [comments]

submitted by /u/TheReedemer69
[link] [comments]

You need to maintain your solar panels if you want them to last. Here are my top maintenance tips if you're serious about switching.

submitted by /u/2ROT13
[link] [comments]

National security and digital forensics experts have called foul on Nigel Farage's "disturbing" and unsubstantiated claim that Russia was behind the leak of a story about the UK politician receiving a £5 million gift from a crypto billionaire. Sources inside Farage's right-wing Reform UK told the Mail on Sunday that the party leader believes Russian spies hacked his phone and relayed details about Christopher Harborne's gift, a matter of which only four people were aware. Farage was said to have engaged outside "counter-espionage experts" to perform a technical analysis of his device – analysis that was said to point to Russia. According to Peter Sommer, professor of digital forensics at Birmingham City University, whichever outfit was entrusted to carry out this work would have been looking for two different types of markers to prove Russia was involved. These would be either the phishing message Farage clicked on that allowed Russia to access his private communications or the malware code an attacker used to exfiltrate them. "It's obviously trivial to disguise the source of an email, so that doesn't help," Sommer told The Register. "And the second thing is if you're talking about looking for hacking codes, hackers, whether they are juveniles or people in major SIGINT systems, are likely to be stealing from each other, so there's nothing unique about a code that would say where it comes from." Sommer also highlighted that advanced intelligence powers have tools at their disposal to obfuscate the source of malicious code. The CIA's leaked Marble Framework supposedly had the ability to translate malicious code into any language, including those used by its chief adversaries. "Now, absent from that, how on Earth do you determine that this is a Russian hack?" Sommer asked. Neither Farage nor Reform UK has spoken officially on the alleged Russian phone hack. They have not specified which experts on whose conclusions they used to make the claims, they have not stated what evidence pointed to Russia's involvement, and they have not committed to making this forensic assessment available for public scrutiny. Opening up the data for verification was one of the core issues raised by Ciaran Martin, founding chief executive of the UK's National Cyber Security Centre (NCSC), who labeled Farage's claims "disturbing" and "without any merit." Speaking to The Guardian, Martin said that not only is the lack of clear evidence concerning, but also if Russia was behind the hack-and-leak operation, a deliberate attempt at destabilizing a foreign democracy, then it would have significant consequences for the UK's Russia policy. "An aspiring prime minister has essentially claimed that Russia has launched an unprecedentedly aggressive intervention – a malicious intervention – in British politics, and he's not produced a shred of evidence to support that claim," Martin said. "It is a very, very serious thing to allege. It would be a national security issue," he added. "If it is true, the government should be in emergency session in COBR right now, considering their response to the most serious Russian intervention in internal British affairs for years." He said the claims published by the Mail on Sunday, at present, are unsubstantiated, and if true, in normal circumstances, this would prompt a formal government response. The Reg understands that the NCSC has not been engaged by Farage or Reform UK over the matter. The National Crime Agency did not respond to questions regarding its involvement and the Metropolitan Police Service declined to comment. Reform UK did not respond to our requests for more information, nor did Nigel Farage's office. What exactly did Reform UK claim? According to sources who spoke to the Mail on Sunday, Russian spies hacked Farage's phone, ascertained details about Harborne's £5 million donation to the party leader, and leaked it to The Guardian, which first reported the story. The Guardian said at the weekend that Farage is now under "mounting pressure" to prove his claim about the Russian phone hack. There is no indication the Graun 's reporting was connected to any illegal activity or Russian spies, but Farage is implying so, telling the Mail on Sunday: "This shocking revelation brings into question The Guardian’s judgment and whether Reform can cooperate with them in future." According to the analysis of Farage's phone, carried out by the unidentified counter-espionage experts, the findings were "almost certainly linked to Moscow," the Reform UK source said. They also claimed that spear-phishing tactics were used to compromise his phone, email, and bank accounts. "It bore all the sophisticated hallmarks of a nation-state actor using destabilization techniques in the run-up to this month's local elections," the source added. Farage said: "These actions by Russia are deeply concerning and highlight the threat they pose to British security." Regarding the motive for such an attack, Reform UK believes its leader angered Russian president Vladimir Putin by previously expressing support for NATO. He has said in the past that UK forces should shoot down Russian aircraft if they enter NATO airspace, and joined controversial calls for Ukraine to be admitted to the military alliance. The party also said that Harborne may be a target for the Russian regime because he joined former prime minister Boris Johnson on a trip to Ukraine in 2022, designed to showcase the impact of Russia's invasion earlier that year. ®

The Momax Q.Mag X is one of the more reliable wireless battery packs I've tried, thanks to its enhanced heat management.

Cisco's 2026 Segmentation Report analyzes 400 failed segmentation projects and identifies four distinct patterns of failure — and what teams can do about them

Every single day, hackers are finding new ways to crash websites and steal data. But right now, something has changed. Hackers are no longer working alone. They are now using powerful Artificial Intelligence (AI) tools to make their attacks faster, stronger, and much harder to stop. According to recent updates from The Hacker News, bad actors are using AI to find weak spots in systems and

Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring any specialized conditions to be met. The vulnerability, tracked as CVE-2026-45659, carries a CVSS score of 8.8. It has been assigned an important severity. "Deserialization of untrusted data in Microsoft Office SharePoint allows

Multi-factor authentication (MFA) was supposed to close a critical gap in identity security. It meant that, even if an attacker possessed the account credentials, they couldn't log in without the second factor. While that logic was sound, attackers have now figured out that they don't need to steal the second factor: they just need the user to hand it over. If your workforce authenticates with

As Americans stew over the looming risk of job-stealing AI and data centers in their back yards, the feds are raising the alarm about a new category of threat, documents obtained by WIRED show.

The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where "feasible" to safeguard against potential threats stemming from threat actors' abuse of artificial intelligence (AI) tools and large language models (LLMs) to automate vulnerability

The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software sectors across the U.S., Europe, and the Middle East following the joint U.S.-Israeli military campaign against the country in late February 2026. The activity, besides embracing

A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deployment of Cobalt Strike Beacon. The vulnerability, tracked as CVE-2026-5426 (CVSS score: 7.5), stems from the use of hard-coded ASP.NET machine keys, leading to

submitted by /u/GelosSnake
[link] [comments]