News

Data breach incident management and recovery

• May 13, 2026 13 May'26

  Computer Misuse Act reform to move forward in National Security Bill

  Reform of the Computer Misuse Act is to be folded into a wider National Security Bill granting more powers for law enforcement to protect the UK against a wider spectrum of threats

• May 12, 2026 12 May'26

  Microsoft releases rare zero-day free Patch Tuesday update

  No zero-day flaws were addressed in May’s Patch Tuesday update but as usual there is much for admins to chew over in the coming days

• May 11, 2026 11 May'26

  UK government renews calls to sign Cyber Resilience Pledge

  Westminster renews calls for business leaders to sign up to its yet-to-be-launched Cyber Resilience Pledge, and highlights growth, and challenges, for the UK’s cyber economy

• May 11, 2026 11 May'26

  ICO fines Cl0p victim South Staffs Water over data breach

  The ICO has levied a reduced fine on South Staffordshire Water following cyber improvements in the wake of a Cl0p ransomware attack

• May 11, 2026 11 May'26

  The Netherlands leads in quantum technology but lags on quantum security

  The Dutch government has invested €615m to build a world-class quantum technology ecosystem, but many institutions have not started any quantum-specific preparations to protect themselves against the security threat

• May 06, 2026 06 May'26

  UK financial security experts participate in sector-wide hackathon

  Teams of security pros from UK financial services organisations came together at the end of April to participate in a hackathon exercise

• May 06, 2026 06 May'26

  ServiceNow Knowledge 2026: McDermott proclaims fully automated cyber defence

  Chief executive’s conference keynote launches agentic artificial intelligence cyber security features for enterprise software player’s centralised platform

• May 05, 2026 05 May'26

  CSA: Take AI cyber threats to the boardroom

  Current cyber risk assumptions may no longer be valid given the speed of advanced AI, warns the chief executive of Singapore’s Cyber Security Agency

• May 04, 2026 04 May'26

  UK’s NCSC warns of ‘wave of patches’

  Vulnerability discovery and mitigation continues to exercise the top minds at Britain’s NCSC as cyber experts continue to debate the impact of frontier AI models such as Mythos

• May 01, 2026 01 May'26

  IAM tools help Oracle Red Bull Racing keep pace with strict F1 regulations

  Oracle Red Bull Racing massively improved the efficiency of its aerodynamics testing procedures after implementing new identity technology from 1Password. Learn more about this unlikely link

• April 30, 2026 30 Apr'26

  Almost half of UK businesses hit by cyber attacks

  The government’s annual cyber security report reveals UK businesses are still struggling with the impact of attacks and breaches

• April 30, 2026 30 Apr'26

  AI is widening the asymmetry between attackers and defenders

  As threat actors leverage AI to launch attacks at machine speed, cyber defenders must adopt an assumed breach mindset and prioritise breach containment

• April 28, 2026 28 Apr'26

  Vect ransomware actually destructive wiper malware

  Analysis of a form of ransomware called Vect has uncovered a serious flaw that breaks its core functionality and turns it from a locker to a wiper

• April 26, 2026 26 Apr'26

  Black Hat Asia: Privacy and cyber security are inseparable

  The separation of privacy and security is no longer tenable in a world where exposed personal data is increasingly the entry point for major cyber incidents, delegates at Black Hat Asia 2026 were told

• April 24, 2026 24 Apr'26

  Wiz founder: Hack yourself with AI, before the bad guys do

  At Google Cloud Next, Wiz co-founder Yinon Costica called on security defenders to use AI to steal a march on threat actors, and launched agentic capabilities for cyber teams

• April 23, 2026 23 Apr'26

  Using AI to manage insider risk amid Middle East conflict

  As geopolitical tensions reshape the cyber threat landscape across the region, organisations are turning to artificial intelligence-driven behaviour analytics, investigative automation and monitoring of AI agents to detect insider risk faster and ...

• April 22, 2026 22 Apr'26

  UK to build ‘national cyber shield’ to protect against AI cyber threats

  Security minister Dan Jarvis calls for artificial intelligence companies to work with government to develop AI-driven cyber defences

• April 21, 2026 21 Apr'26

  Sans Institute preps live systems for Nato cyber exercise

  Cyber training body the Sans Institute is preparing live power generation IT and OT systems for Nato’s annual Locked Shields blue team exercise, which this year appears more relevant than ever

• April 17, 2026 17 Apr'26

  North Korean social engineering campaign targets MacOS users

  A MacOS-focused social engineering campaign orchestrated by North Korea-based threat actor Sapphire Sleet has been exposed by Microsoft’s Threat Intelligence Unit

• April 17, 2026 17 Apr'26

  Bank cyber teams on red alert as Anthropic promises them Mythos next week

  Artificial intelligence supplier promises UK banks opportunity to review AI model, which has already revealed thousands of security flaws

• April 16, 2026 16 Apr'26

  CyberUK 2026: UK lagging on legal protections for cyber pros

  Ahead of next week’s CyberUK conference, the CyberUp Campaign for reform of the UK’s hacking laws urges the government to keep focus and proposes a four-pillar framework that would protect cyber professionals from prosecution

• April 15, 2026 15 Apr'26

  UK businesses must face up to AI threat, says government

  Technology secretary Liz Kendall urges Britain’s business community to sit up and pay attention to emerging AI threats, following the debut of Anthropic’s new frontier model, Mythos

• April 15, 2026 15 Apr'26

  Danske Bank upgrade error exposed 20,000 customer addresses

  Danish bank revealed details of a customer data leak last year which affected thousands of customers

• April 14, 2026 14 Apr'26

  April Patch Tuesday brings zero-days in Defender, SharePoint Server

  Microsoft’s latest Patch Tuesday update may be one of the largest in history, with more than 160 issues in scope

• April 13, 2026 13 Apr'26

  ‘Grand Theft Auto’ publisher Rockstar hit by hackers again

  The notorious ShinyHunters hacking collective menaces video game publisher Rockstar and says it will leak data on 14 April

• April 09, 2026 09 Apr'26

  Singapore Cyber Security Agency chief: Cyber stability a necessity, not a luxury

  With state-linked attacks rising and international rules unravelling, Singapore’s cyber security commissioner calls for global cooperation to prevent catastrophic conflict in cyber space

• April 08, 2026 08 Apr'26

  Capita’s troubled Civil Service Pension Scheme hit by data breach

  A data breach affecting 138 members of the Civil Service Pension Scheme piles pressure on the service’s administrator, Capita, amid ongoing issues

• April 02, 2026 02 Apr'26

  How ‘Wikipedia of cyber’ helps SAP make sense of threat data

  SAP runs enormous cloud environments for some of the world’s most heavily-regulated organisations, and in the hyperscale era, data security and compliance were becoming big challenges. It turned to cutting-edge agentic tools from Uptycs to cut ...

• March 25, 2026 25 Mar'26

  US government launches Bureau of Emerging Threats

  The US’ Bureau of Emerging Threats sits within the State Department and will supposedly help address national security threats arising from cyber attacks, the weaponisation of space and other emerging technologies

• March 25, 2026 25 Mar'26

  Why AI agents are one prompt away from ransomware

  As AI adoption advances beyond chatbots, security leaders are up against rogue AI agents mirroring threat actors and a generational skills gap as security operations teams become overly dependent on AI

• March 24, 2026 24 Mar'26

  US government bans imported routers, raising tough questions

  The US communications regulator has enacted a ban on all router hardware made outside America citing security concerns, but experts say the move may risk creating more issues than it solves

• March 23, 2026 23 Mar'26

  Irish government launches CNI resilience plan

  Ireland’s National Strategy on the Resilience of Critical Entities sets out a pathway to improved cyber resilience for the nation’s critical infrastructure, and establishes compliance with an EU directive

• March 20, 2026 20 Mar'26

  UK Cyber Monitoring Centre plans expansion in US amid risk of Category 5 attack

  Organisations lulled into a false sense of security after Russian invasion of Ukraine are still at risk of a Category 5 attack in 2026

• March 19, 2026 19 Mar'26

  Cisa tells US organisations to harden endpoint management after Stryker attack

  Last week’s cyber attack on the systems of a US medical services company by Iranian hacktivists has prompted an alert from Cisa, urging organisations to reinforce their defensive posture

• March 19, 2026 19 Mar'26

  AI makes debut in Bridewell cyber security in CNI report

  Regulation has superseded cyber threats as the main driver of cyber security spending, and AI has made its debut for attack and defence, according to a CNI-focused report from Bridewell

• March 19, 2026 19 Mar'26

  Gartner: Ditch ‘big transformation’ cyber strategies for continuous improvement

  As artificial intelligence reshapes the enterprise, CISOs must abandon risky big bang security transformation initiatives in favour of incremental changes to build cyber resilience

• March 17, 2026 17 Mar'26

  Contactless payment limit removal will happen overnight, but change won’t

  Banks will be able to set their own contactless card payment limits from 19 March, following rule change by Financial Conduct Authority

• March 17, 2026 17 Mar'26

  Interview: D360 Bank redefines cyber security for Saudi Arabia’s cashless future

  Muath Alhomoud, director of cyber security at D360 Bank, discusses payment security, cloud resilience and the responsible use of AI in a hyper-connected financial ecosystem

• March 16, 2026 16 Mar'26

  Companies House restarts online services following cyber breach

  Companies House was forced to pull its WebFiling service offline at the weekend after it emerged that a flawed update was putting data at risk of exposure

• March 11, 2026 11 Mar'26

  Iran war a melting pot for other cyber threats

  State-backed cyber threat actors from non-combatant states are taking advantage of the Israeli-US war on Iran to fulfil their own goals, according to Proofpoint analysts

• March 11, 2026 11 Mar'26

  Salesforce tracks possible ShinyHunters campaign targeting its users

  Salesforce warns users of an uptick in malicious activity targeting Experience Cloud customers with misconfigured user settings via an open source tool

• March 11, 2026 11 Mar'26

  CISOs on alert: Strengthening cyber resilience amid geopolitical tensions in the Middle East

  As regional uncertainty rises, security leaders across the Gulf focus on resilience, faster incident response and deeper threat intelligence to protect critical systems and data

• March 10, 2026 10 Mar'26

  WA auditor general flags weak Microsoft 365 security controls across state entities

  Western Australia’s Office of the Auditor General has uncovered weaknesses in M365 configurations across seven government agencies, leading to compromised accounts and data breaches

• March 06, 2026 06 Mar'26

  Scattered Spider attack on TfL affected 10 million people

  The 2024 Scattered Spider attack on Transport for London affected approximately 10 million people, many of whom remain blissfully unaware their data was compromised

• March 05, 2026 05 Mar'26

  Spyware suppliers exploit more zero-days than nation states

  Exploitation of zero-days by commercial surveillance and spyware developers outpaced exploitation by nation-state actors last year, according to a report

• March 04, 2026 04 Mar'26

  Iranian hacktivists muster their forces but state APTs lay low

  Hacktivist activity surrounding the Iran war is sky-high but Iran’s state-backed cyber espionage actors have yet to show their hands, giving security teams a valuable window of time to shore up their defences

• March 04, 2026 04 Mar'26

  Tycoon2FA phishing platform dismantled in major operation

  A Europol-led sting against the infamous Tycoon2FA MFA bypass phishing service has been successful, with operations disrupted and ringleaders and cyber criminal users identified

• March 03, 2026 03 Mar'26

  NCSC: No increase in cyber threat from Iran, but be prepared

  While cyber threat levels remain stable following the outbreak of war in the Middle East at the weekend, at-risk organisations in the UK should take steps to ward off potential reprisals from Iran-linked threat actors

• February 26, 2026 26 Feb'26

  Qilin crew continues to dominate ransomware ecosystem

  The Qilin ransomware gang remained ‘top dog’ in January 2026, with over 100 observed cyber attacks to its name, amid a rapidly evolving and fragmenting cyber criminal ecosystem

• February 26, 2026 26 Feb'26

  CrowdStrike touts agentic SOC to tackle security woes

  By embedding AI agents across its platform, CrowdStrike is looking to help security teams automate repetitive security tasks, enabling them to focus on complex and stealthier threats that could slip under the radar