News
Application security and coding requirements
-
July 09, 2026
09
Jul'26
Cyber field doubts promise of Cyber Shield
The NCSC has shared more details of its national AI Cyber Shield initiative, but experts say the project faces serious delivery challenges
-
July 08, 2026
08
Jul'26
European Central Bank demands AI security ‘action plan’
European Central Bank gives banks deadline to outline their plans to defend against artificial intelligence-based security threats
-
July 03, 2026
03
Jul'26
Breach of IBM-managed environment exposes personal data of 70,000 in Singapore
Unauthorised access to a development and testing environment managed by IBM has exposed the names, NRIC numbers and property addresses of about 70,000 people held by the Singapore Land Authority
-
July 02, 2026
02
Jul'26
US cyber agency warns over forgotten SharePoint flaw
An RCE vulnerability in Microsoft SharePoint that was mistakenly omitted from the May Patch Tuesday bulletin is being exploited in the wild, says Cisa
-
June 30, 2026
30
Jun'26
Singpass to roll out passkeys in fight against phishing scams
The passwordless feature will launch for iPhone users on 1 July 2026 with a device-bound model to avoid the security risks of cloud-synced passkeys
-
June 26, 2026
26
Jun'26
Secure Code Warrior CEO on surviving the AI ‘vulnerability apocalypse’
As enterprises embrace agentic AI and vibe coding, Secure Code Warrior CEO and co-founder Pieter Danhieux warns that code-generating models are still producing critical security flaws
-
June 17, 2026
17
Jun'26
2026 World Cup billed as ‘largest entertainment attack surface in history’
With the tournament underway across North America, Palo Alto Networks warns that temporary supplier ecosystems, vulnerable municipal infrastructure and geopolitical tensions are creating risks for enterprises and fans
-
June 12, 2026
12
Jun'26
Oracle fixes PeopleSoft flaw exploited by ShinyHunters
A zero-day vulnerability affecting Oracle’s PeopleSoft products is being exploited by a ShinyHunters campaign targeting schools and universities
-
June 11, 2026
11
Jun'26
Established enterprise patching models dead in the water, says report
Vulnerability discovery and exploitation was surging dramatically even before Anthropic decided to unleash its frontier Mythos model. As such, an Action1 report finds old approaches to patching are no longer fit for purpose
-
June 09, 2026
09
Jun'26
Microsoft smashes record for biggest ever Patch Tuesday update
Microsoft has obliterated the record for the largest ever Patch Tuesday drop, with its June 2026 update addressing approximately 200 flaws and three zero-days
-
June 08, 2026
08
Jun'26
Infosecurity Europe 2026: AI turbo-charging cyber crime and response
AI is accelerating cyber attacks by criminals and hostile states, with attackers faster, more persistent and increasingly collaborative, say experts speaking at Infosecurity Europe 2026
-
June 02, 2026
02
Jun'26
Scottish residents granted permission for group action against Capita
People of Scotland given the go-ahead on group proceedings regarding the 2023 Capita cyber breach, in which the personal information of millions of people was stolen from Capita systems after a major cyber attack
-
June 01, 2026
01
Jun'26
AI agents help Cato slash ‘time-to-protect’ from new CVEs
The application of agentic AI to vulnerability management workflows has slashed mitigation times in experimental conditions, claims Sase specialist Cato Networks
-
May 29, 2026
29
May'26
Microsoft hits out over irresponsible vulnerability disclosure
Microsoft goes on the offensive after a disgruntled security researcher unleashed a series of zero-days without checking in first
-
May 27, 2026
27
May'26
Glassworm botnet that targeted OS devs smashed to pieces
CrowdStrike, Google and the Shadowserver Foundation worked together to take down a botnet that poisoned over 300 GitHub repositories, risking widespread supply chain compromise
-
May 19, 2026
19
May'26
Vulnerability exploitation now primary origin of data breaches
Verizon’s annual cyber report reveals a major change in how data breaches originate, highlighting the impact of artificial intelligence
-
May 12, 2026
12
May'26
Microsoft releases rare zero-day free Patch Tuesday update
No zero-day flaws were addressed in May’s Patch Tuesday update but as usual there is much for admins to chew over in the coming days
-
May 11, 2026
11
May'26
ServiceNow Knowledge 2026: FedEx digital chief unpacks agentic AI’s potential
Speaking to Computer Weekly at ServiceNow Knowledge 2026, Vishal Talwar, FedEx’s executive vice-president and CDIO, lays out the company’s mission to scale artificial intelligence responsibly
-
May 11, 2026
11
May'26
The Netherlands leads in quantum technology but lags on quantum security
The Dutch government has invested €615m to build a world-class quantum technology ecosystem, but many institutions have not started any quantum-specific preparations to protect themselves against the security threat
-
May 08, 2026
08
May'26
ESET: Don’t fear the ‘AI Terminator’, but prepare for agent risks
While fully autonomous hacking bots remain a distant reality, an ESET expert warns that AI is quietly supercharging phishing schemes and creating new vulnerabilities inside organisations
-
May 06, 2026
06
May'26
ServiceNow Knowledge 2026: McDermott proclaims fully automated cyber defence
Chief executive’s conference keynote launches agentic artificial intelligence cyber security features for enterprise software player’s centralised platform
-
May 05, 2026
05
May'26
CSA: Take AI cyber threats to the boardroom
Current cyber risk assumptions may no longer be valid given the speed of advanced AI, warns the chief executive of Singapore’s Cyber Security Agency
-
May 04, 2026
04
May'26
UK’s NCSC warns of ‘wave of patches’
Vulnerability discovery and mitigation continues to exercise the top minds at Britain’s NCSC as cyber experts continue to debate the impact of frontier AI models such as Mythos
-
April 24, 2026
24
Apr'26
Wiz founder: Hack yourself with AI, before the bad guys do
At Google Cloud Next, Wiz co-founder Yinon Costica called on security defenders to use AI to steal a march on threat actors, and launched agentic capabilities for cyber teams
-
April 22, 2026
22
Apr'26
Google launches Gemini Agent Platform, eighth-generation TPUs
With more AI agents moving to production, Google Cloud is targeting governance, multi-cloud data architecture and purpose-built silicon to help enterprises orchestrate agentic workflows
-
April 22, 2026
22
Apr'26
A tsunami of flaws: When frontier AI and Patch Tuesday collide
Microsoft’s April Patch Tuesday drop was the second-largest in history, falling just shy of an October 2025 record. What is behind the spike in vulnerability disclosures, and is there a connection to Anthropic’s bug-hunting Claude Mythos AI model?
-
April 17, 2026
17
Apr'26
Surging CVE disclosures force NIST to shake up workflows
NIST announces big changes to the way it categorises and manages CVEs, which are set to have a big impact on how organisations manage patching and remediation
-
April 17, 2026
17
Apr'26
Bank cyber teams on red alert as Anthropic promises them Mythos next week
Artificial intelligence supplier promises UK banks opportunity to review AI model, which has already revealed thousands of security flaws
-
April 15, 2026
15
Apr'26
UK businesses must face up to AI threat, says government
Technology secretary Liz Kendall urges Britain’s business community to sit up and pay attention to emerging AI threats, following the debut of Anthropic’s new frontier model, Mythos
-
April 14, 2026
14
Apr'26
April Patch Tuesday brings zero-days in Defender, SharePoint Server
Microsoft’s latest Patch Tuesday update may be one of the largest in history, with more than 160 issues in scope
-
March 27, 2026
27
Mar'26
Lloyds admits coding fault exposed customer transactions
The bank has responded to the Treasury Committee’s request for information on a major data breach in its banking app
-
March 25, 2026
25
Mar'26
Emergency Microsoft, Oracle patches point to wider cyber issues
Emergency out-of-band patches from Microsoft and Oracle signal underlying security issues around update cycles and patching, and identity security and zero-trust, says the community
-
March 25, 2026
25
Mar'26
Why AI agents are one prompt away from ransomware
As AI adoption advances beyond chatbots, security leaders are up against rogue AI agents mirroring threat actors and a generational skills gap as security operations teams become overly dependent on AI
-
March 24, 2026
24
Mar'26
Cyber pros must grasp the vibe coding nettle, says NCSC chief
At RSA in San Francisco, NCSC chief exec Richard Horne says security professionals have an opportunity and a responsibility to get in front of the security issues raised by the popularity of ‘vibe coding’
-
March 19, 2026
19
Mar'26
AI makes debut in Bridewell cyber security in CNI report
Regulation has superseded cyber threats as the main driver of cyber security spending, and AI has made its debut for attack and defence, according to a CNI-focused report from Bridewell
-
March 19, 2026
19
Mar'26
Gartner: Ditch ‘big transformation’ cyber strategies for continuous improvement
As artificial intelligence reshapes the enterprise, CISOs must abandon risky big bang security transformation initiatives in favour of incremental changes to build cyber resilience
-
March 16, 2026
16
Mar'26
Companies House restarts online services following cyber breach
Companies House was forced to pull its WebFiling service offline at the weekend after it emerged that a flawed update was putting data at risk of exposure
-
March 10, 2026
10
Mar'26
Microsoft patches zero-days in .NET and SQL Server
Zero-days in .NET and SQL Server, and a handful of critical RCE bugs, form the nucleus of Microsoft’s March Patch Tuesday update
-
March 10, 2026
10
Mar'26
WA auditor general flags weak Microsoft 365 security controls across state entities
Western Australia’s Office of the Auditor General has uncovered weaknesses in M365 configurations across seven government agencies, leading to compromised accounts and data breaches
-
March 09, 2026
09
Mar'26
APT36 unleashes AI-generated ‘vibeware’ to flood targets
The Pakistani threat group has been using AI to rewrite malicious code across multiple programming languages, prioritising scale over sophistication to evade detection, security researchers have found
-
March 05, 2026
05
Mar'26
Spyware suppliers exploit more zero-days than nation states
Exploitation of zero-days by commercial surveillance and spyware developers outpaced exploitation by nation-state actors last year, according to a report
-
March 04, 2026
04
Mar'26
Zero-day in Android phone chips under active attack
Google and Qualcomm have tag-teamed a serious vulnerability in the chipsets used in Android mobile devices, which has been exploited in the wild as a zero-day
-
February 26, 2026
26
Feb'26
CrowdStrike touts agentic SOC to tackle security woes
By embedding AI agents across its platform, CrowdStrike is looking to help security teams automate repetitive security tasks, enabling them to focus on complex and stealthier threats that could slip under the radar
-
February 25, 2026
25
Feb'26
Cisco Catalyst SD-WAN users targeted in series of cyber attacks
The NCSC, Cisa, and other Five Eyes agencies have warned of mass exploitation of vulnerabilities in Cisco Catalyst SD-WAN, which Cisco is attributing to an unknown threat actor called UAT-8616
-
February 25, 2026
25
Feb'26
Application exploitation back in vogue, says IBM cyber unit
IBM’s X-Force unit observes an uptick in the exploitation of vulnerable public-facing software applications
-
February 25, 2026
25
Feb'26
How AI code generation is pushing DevSecOps to machine speed
Organisations should adopt shared platforms and automated governance to keep pace with the growing use of generative AI tools that are helping developers produce code at unprecedented volumes
-
February 23, 2026
23
Feb'26
Why crypto agility is key to quantum readiness
With quantum computing threatening current encryption standards, experts call for organisations to achieve crypto agility by managing the lifecycle of certificates and cryptographic keys through automation
-
February 19, 2026
19
Feb'26
PromptSpy Android malware may exploit Gemini AI
A newly uncovered malware targeting the Android operating system seems to exploit Google’s Gemini GenAI tool to help it maintain persistence
-
February 18, 2026
18
Feb'26
Flaws in Google and Microsoft products added to Cisa catalogue
Cisa has added six CVEs to its Kev catalogue this week, including newly disclosed issues in Google Chromium and Dell RecoverPoint for Virtual Machines, and some older flaws as well
-
February 17, 2026
17
Feb'26
Government wages cyber campaign as half the UK’s SMEs are breached
UK government says half of all small businesses have been cyber breached in the recent past as it urges them to ‘lock the door’
