Jessica Lyons
@jessicalyons.bsky.social
Cybersecurity editor @theregister.com Contact me with tips: jessica.lyons@theregister.com or jess.825 on Signal
Mama bear, book worm, outdoor lover, coffee and wine snob. PNW after decades in Santa Cruz but Blazers fan always.
Mama bear, book worm, outdoor lover, coffee and wine snob. PNW after decades in Santa Cruz but Blazers fan always.
Reposted by Jessica Lyons
BREAKING Greg Bovino has been removed as Border Patrol "commander at large" and will return to El Centro Calif, where he is expected to retire soon. A stunning turnaround after Pretti killing. Bovino's traveling blue city crackdown is over www.theatlantic.com/politics/202...
Gregory Bovino Gets Demoted
The Border Patrol chief was the public face of a traveling immigration crackdown on cities governed by Democrats.
www.theatlantic.com
January 26, 2026 at 11:40 PM
BREAKING Greg Bovino has been removed as Border Patrol "commander at large" and will return to El Centro Calif, where he is expected to retire soon. A stunning turnaround after Pretti killing. Bovino's traveling blue city crackdown is over www.theatlantic.com/politics/202...
ShinyHunters has targeted around 100 organizations in its latest Okta single sign-on (SSO) credential stealing campaign, according to researchers and the criminal group itself.
Canva among ~100 ShinyHunters credential-theft targets
: Atlassian, RingCentral, ZoomInfo also among tech targets
www.theregister.com
January 26, 2026 at 10:45 PM
ShinyHunters has targeted around 100 organizations in its latest Okta single sign-on (SSO) credential stealing campaign, according to researchers and the criminal group itself.
Reposted by Jessica Lyons
For every person that was at the march today there was also someone tailing ICE vehicles or watching over a neighborhood business or doing mutual aid. This crowd is only part of us!
I love this state, I love this city (and I'm including the whole metro in that).
I love this state, I love this city (and I'm including the whole metro in that).
January 23, 2026 at 11:08 PM
For every person that was at the march today there was also someone tailing ICE vehicles or watching over a neighborhood business or doing mutual aid. This crowd is only part of us!
I love this state, I love this city (and I'm including the whole metro in that).
I love this state, I love this city (and I'm including the whole metro in that).
More than 400 tech workers have urged their CEOs to "call the White House and demand ICE leave our cities" after masked federal agents shot and killed Alex Pretti over the weekend and the world's richest and most powerful chief executives remained silent.
Tech employees demand their leaders take a stand against ICE
: But CEOs remain frozen in place
www.theregister.com
January 26, 2026 at 7:01 PM
More than 400 tech workers have urged their CEOs to "call the White House and demand ICE leave our cities" after masked federal agents shot and killed Alex Pretti over the weekend and the world's richest and most powerful chief executives remained silent.
BREAKING: The US Cybersecurity and Infrastructure Security Agency won't attend the annual RSA Conference in March, an agency spokesperson confirmed to The Register.
CISA won't attend infosec industry's biggest conference
exclusive: But ex-CISA boss and new RSAC CEO Jen Easterly will be there
www.theregister.com
January 24, 2026 at 12:27 AM
BREAKING: The US Cybersecurity and Infrastructure Security Agency won't attend the annual RSA Conference in March, an agency spokesperson confirmed to The Register.
ShinyHunters has claimed responsibility for an Okta voice-phishing campaign during which the extortionist crew allegedly gained access to Crunchbase and Betterment.
ShinyHunters claims Okta customer breaches, leaks data
: 'A lot more' victims to come, we're told
www.theregister.com
January 23, 2026 at 7:19 PM
ShinyHunters has claimed responsibility for an Okta voice-phishing campaign during which the extortionist crew allegedly gained access to Crunchbase and Betterment.
Now if ICE would just stop shooting people... www.theregister.com/2026/01/09/h...
January 12, 2026 at 5:23 PM
Now if ICE would just stop shooting people... www.theregister.com/2026/01/09/h...
Reposted by Jessica Lyons
I can now die a satisfied man. I've been quoted in the NYTimes before, but never in The Register (my absolute favorite IT tabloid). Today I was quoted in The Reg. Thank you @jessicalyons.bsky.social for letting me contribute to your article - www.theregister.com/2026/01/08/c...
CrowdStrike buys SGNL, identity security startup, for $740M
: Authentication is basically solved. Authorization is another thing entirely...
www.theregister.com
January 9, 2026 at 1:55 AM
I can now die a satisfied man. I've been quoted in the NYTimes before, but never in The Register (my absolute favorite IT tabloid). Today I was quoted in The Reg. Thank you @jessicalyons.bsky.social for letting me contribute to your article - www.theregister.com/2026/01/08/c...
BREAKING: ESA confirmed yet another massive security breach, and told me via @theregister.com that the data thieves responsible will be subject to a criminal investigation.
European Space Agency initiates criminal probe into breach
exclusive: Two weeks, two major data leaks … not a good look for the European Space Agency
www.theregister.com
January 7, 2026 at 6:13 PM
BREAKING: ESA confirmed yet another massive security breach, and told me via @theregister.com that the data thieves responsible will be subject to a criminal investigation.
This story illustrates the importance of transparency and clear communication when it comes to bug bounties. If we want ethical hackers to report vulns so they can be fixed before the criminals find and exploit them, bug bounties need to keep their end of the bargain.
HackerOne 'ghosted' me over $8,500 bounty: Researcher
: Long after CVEs issued and open source flaws fixed
www.theregister.com
January 7, 2026 at 6:11 PM
This story illustrates the importance of transparency and clear communication when it comes to bug bounties. If we want ethical hackers to report vulns so they can be fixed before the criminals find and exploit them, bug bounties need to keep their end of the bargain.
A cybercrook claims to have breached Pickett and Associates, a Florida-based engineering firm whose clients include major US utilities, and is selling what they claim to be about 139 GB of engineering data about Tampa Electric Company, Duke Energy Florida, and American Electric Power.
Cybercrook claims to sell critical info about utilities
: For the bargain price of 6.5 bitcoin
www.theregister.com
January 2, 2026 at 6:47 PM
A cybercrook claims to have breached Pickett and Associates, a Florida-based engineering firm whose clients include major US utilities, and is selling what they claim to be about 139 GB of engineering data about Tampa Electric Company, Duke Energy Florida, and American Electric Power.
I sat down (virtually) with Remedio CEO Tal Kollender to discuss her former life hacking video games and how that led her to start a security company that uses AI to defend against AI.
Remedio CEO: If you don't think like a hacker, you won't win
interview: In supercharged AI race, defenders need to keep up
www.theregister.com
January 2, 2026 at 6:08 PM
I sat down (virtually) with Remedio CEO Tal Kollender to discuss her former life hacking video games and how that led her to start a security company that uses AI to defend against AI.
"In my past life, it would take us 360 days to develop an amazing zero day," Zafran Security CEO Sanaz Yashar told me via @theregister.com. I had a great conversation with the former "hacking architect" whose startup uses AI to map and manage companies' threat exposure - you can read it all here:
Spy turned startup CEO: 'The WannaCry of AI will happen'
Interview: Ah, the good old days when 0-day development took a year
www.theregister.com
December 22, 2025 at 7:50 PM
"In my past life, it would take us 360 days to develop an amazing zero day," Zafran Security CEO Sanaz Yashar told me via @theregister.com. I had a great conversation with the former "hacking architect" whose startup uses AI to map and manage companies' threat exposure - you can read it all here:
"I view this as a canary in the coal mine," Tea co-founder Tim Lewis told me via @theregister.com
CEO spills the Tea about massive token farming campaigns
interview: Plus: automated SBOMs, $250,000 bounties ahead
www.theregister.com
December 18, 2025 at 11:07 PM
"I view this as a canary in the coal mine," Tea co-founder Tim Lewis told me via @theregister.com
Shiny Hunters claims to be behind the breach, while Mixpanel tells us a Pornhub parent company employee - not the analytics provider - last accessed the stolen data: "If this data is in the hands of an unauthorized party, we do not believe that is the result of a security incident at Mixpanel."
Analytics provider: We didn't expose stolen smut data
: An employee of the adult site could be responsible.
www.theregister.com
December 16, 2025 at 10:07 PM
Shiny Hunters claims to be behind the breach, while Mixpanel tells us a Pornhub parent company employee - not the analytics provider - last accessed the stolen data: "If this data is in the hands of an unauthorized party, we do not believe that is the result of a security incident at Mixpanel."
At least five more Chinese spy crews, Iran-linked goons, and financially motivated criminals are now attacking React2Shell, according to Google's threat intel team.
React2Shell vuln exploited by China, Iran, Google warns
: Who hasn't exploited this max-severity flaw?
www.theregister.com
December 15, 2025 at 8:41 PM
At least five more Chinese spy crews, Iran-linked goons, and financially motivated criminals are now attacking React2Shell, according to Google's threat intel team.
If you're running React Server Components, you just can't catch a break. In addition to already-reported flaws, newly discovered bugs allow attackers to hang vulnerable servers and potentially leak Server Function source code, so anyone using RSC or frameworks that support it should patch quickly.
New React vulns leak secrets, invite DoS attacks
: And the earlier React2Shell patch is vulnerable
www.theregister.com
December 12, 2025 at 6:27 PM
If you're running React Server Components, you just can't catch a break. In addition to already-reported flaws, newly discovered bugs allow attackers to hang vulnerable servers and potentially leak Server Function source code, so anyone using RSC or frameworks that support it should patch quickly.
Attackers are actively exploiting a zero-day bug in Gogs, a popular self-hosted Git service, and the open source project doesn't yet have a fix.
700+ self-hosted Git instances battered in 0-day attacks
: More than half of internet-exposed instances already compromised
www.theregister.com
December 10, 2025 at 9:49 PM
Attackers are actively exploiting a zero-day bug in Gogs, a popular self-hosted Git service, and the open source project doesn't yet have a fix.
A Ukrainian woman accused of hacking US public drinking water systems and a meat processing facility on behalf of Kremlin-backed cyber groups was extradited to the US earlier this year and will stand trial in early 2026.
US extradites Ukrainian accused of hacking for Russia
: The digital intrusion allegedly caused thousands of pounds of meat to spoil and triggered an ammonia leak in the facility
www.theregister.com
December 10, 2025 at 5:59 PM
A Ukrainian woman accused of hacking US public drinking water systems and a meat processing facility on behalf of Kremlin-backed cyber groups was extradited to the US earlier this year and will stand trial in early 2026.
Imagine botnets in physical form and you've got a pretty good idea of what could go wrong with the influx of AI-infused humanoid robots expected to integrate into society over the next few decades. I spoke with Insikt Group risk guru Joseph Rooke about this (slightly horrifying) future.
'Botnets in physical form' are top humanoid robot risk
Interview: Have we learned nothing from sci-fi films and TV shows?
www.theregister.com
December 9, 2025 at 3:48 PM
Imagine botnets in physical form and you've got a pretty good idea of what could go wrong with the influx of AI-infused humanoid robots expected to integrate into society over the next few decades. I spoke with Insikt Group risk guru Joseph Rooke about this (slightly horrifying) future.
"We believe dozens of organizations in the US have been impacted by Brickstorm, not including downstream victims," Google Threat Intelligence Group principal analyst Austin Larsen told me via @theregister.com
PRC spies Brickstromed their way into critical US networks
: 'Dozens' of US orgs infected
www.theregister.com
December 4, 2025 at 10:31 PM
"We believe dozens of organizations in the US have been impacted by Brickstorm, not including downstream victims," Google Threat Intelligence Group principal analyst Austin Larsen told me via @theregister.com
Vetting staff who handle sensitive government systems is wise, and so is cutting off their access the moment they're fired. A federal contractor learned this the hard way when twins previously convicted of hacking-related offenses allegedly used lingering access to delete 96 government databases.
Twin brothers charged with deleting 96 US govt databases
: And then they asked an AI to help cover their tracks
www.theregister.com
December 4, 2025 at 10:28 PM
Vetting staff who handle sensitive government systems is wise, and so is cutting off their access the moment they're fired. A federal contractor learned this the hard way when twins previously convicted of hacking-related offenses allegedly used lingering access to delete 96 government databases.
Afraid of connecting to public Wi-Fi? Terrified to turn your Bluetooth on? You may be falling for "hacklore." Dozens of CISOs and ex-CISA officials have launched an effort to dispel these myths and show you how not to get hacked for real.
Ex-CISA officials, CISOs aim to stop the spread of hacklore
: Don't believe everything you read
www.theregister.com
November 25, 2025 at 3:49 PM
Afraid of connecting to public Wi-Fi? Terrified to turn your Bluetooth on? You may be falling for "hacklore." Dozens of CISOs and ex-CISA officials have launched an effort to dispel these myths and show you how not to get hacked for real.
A series of "trivial-to-exploit" vulnerabilities in Fluent Bit, an open source log collection tool that runs in every major cloud and AI lab, was left open for years, giving attackers an exploit chain to completely disrupt cloud services and alter data.
Years-old bugs in open source took out major clouds at risk
: Fluent Bit has 15B+ deployments … and 5 newly assigned CVEs
www.theregister.com
November 25, 2025 at 2:37 PM
A series of "trivial-to-exploit" vulnerabilities in Fluent Bit, an open source log collection tool that runs in every major cloud and AI lab, was left open for years, giving attackers an exploit chain to completely disrupt cloud services and alter data.
EXCLUSIVE: ShinyHunters claimed responsibility for the Gainsight breach that allowed the data thieves to snarf data from hundreds more Salesforce customers: "We've had access to Gainsight for nearly 3 months."
ShinyHunters 'does not like Salesforce at all'
EXCLUSIVE: 'I have compromised other known OAuth apps,' Shiny tells The Reg
www.theregister.com
November 21, 2025 at 7:34 PM
EXCLUSIVE: ShinyHunters claimed responsibility for the Gainsight breach that allowed the data thieves to snarf data from hundreds more Salesforce customers: "We've had access to Gainsight for nearly 3 months."