News

Data breach incident management and recovery

• June 04, 2026 04 Jun'26

  Capita launched civil service pension scheme site without ‘basic’ web security

  Outsourcer went live with its troubled civil service pensions administration without a basic Domain Name System security feature

• June 02, 2026 02 Jun'26

  Scottish residents granted permission for group action against Capita

  People of Scotland given the go-ahead on group proceedings regarding the 2023 Capita cyber breach, in which the personal information of millions of people was stolen from Capita systems after a major cyber attack

• May 29, 2026 29 May'26

  Microsoft hits out over irresponsible vulnerability disclosure

  Microsoft goes on the offensive after a disgruntled security researcher unleashed a series of zero-days without checking in first

• May 28, 2026 28 May'26

  Carnival cruise line confirmed as latest ShinyHunters victim

  Travel company Carnival Corporation confirms the extent of an April 2026 supply chain breach that was claimed by ShinyHunters

• May 27, 2026 27 May'26

  Scottish social enterprise supports national cyber efforts

  Cyber and Fraud Centre has supported community cyber resilience in Scotland to the tune of £3m in its first year operating as a social enterprise

• May 27, 2026 27 May'26

  The Gentlemen emerging as key ransomware player

  An emerging ransomware crew known as The Gentlemen is becoming a force to be reckoned with, according to NCC’s latest monthly threat data

• May 25, 2026 25 May'26

  AI safety cannot wait for a ‘Chernobyl moment’, experts warn

  As AI becomes increasingly capable, tech leaders at Singapore’s ATxSummit urge governments and industry to build safety and accountability into AI systems before a major disaster strikes

• May 21, 2026 21 May'26

  Police op targets VPN service favoured by ransomware gangs

  A multinational police operation has taken down the infamous First VPN service that provided cover for cyber criminal gangs and ransomware operators

• May 20, 2026 20 May'26

  Bulgaria fires up Google Cloud for national cyber security

  The Bulgarian national systems integrator, BIS, has deployed Google Cloud’s Cybershield government security service as part of a national federated SOC deployment

• May 19, 2026 19 May'26

  Vulnerability exploitation now primary origin of data breaches

  Verizon’s annual cyber report reveals a major change in how data breaches originate, highlighting the impact of artificial intelligence

• May 15, 2026 15 May'26

  Jaguar Land Rover profit slumps after cyber attack

  The financial impact of last year’s cyber attack on Jaguar Land Rover continues to be felt, with full-year sales and profits at the carmaker way down

• May 13, 2026 13 May'26

  Computer Misuse Act reform to move forward in National Security Bill

  Reform of the Computer Misuse Act is to be folded into a wider National Security Bill granting more powers for law enforcement to protect the UK against a wider spectrum of threats

• May 12, 2026 12 May'26

  Microsoft releases rare zero-day free Patch Tuesday update

  No zero-day flaws were addressed in May’s Patch Tuesday update but as usual there is much for admins to chew over in the coming days

• May 11, 2026 11 May'26

  UK government renews calls to sign Cyber Resilience Pledge

  Westminster renews calls for business leaders to sign up to its yet-to-be-launched Cyber Resilience Pledge, and highlights growth, and challenges, for the UK’s cyber economy

• May 11, 2026 11 May'26

  ICO fines Cl0p victim South Staffs Water over data breach

  The ICO has levied a reduced fine on South Staffordshire Water following cyber improvements in the wake of a Cl0p ransomware attack

• May 11, 2026 11 May'26

  The Netherlands leads in quantum technology but lags on quantum security

  The Dutch government has invested €615m to build a world-class quantum technology ecosystem, but many institutions have not started any quantum-specific preparations to protect themselves against the security threat

• May 06, 2026 06 May'26

  UK financial security experts participate in sector-wide hackathon

  Teams of security pros from UK financial services organisations came together at the end of April to participate in a hackathon exercise

• May 06, 2026 06 May'26

  ServiceNow Knowledge 2026: McDermott proclaims fully automated cyber defence

  Chief executive’s conference keynote launches agentic artificial intelligence cyber security features for enterprise software player’s centralised platform

• May 05, 2026 05 May'26

  CSA: Take AI cyber threats to the boardroom

  Current cyber risk assumptions may no longer be valid given the speed of advanced AI, warns the chief executive of Singapore’s Cyber Security Agency

• May 04, 2026 04 May'26

  UK’s NCSC warns of ‘wave of patches’

  Vulnerability discovery and mitigation continues to exercise the top minds at Britain’s NCSC as cyber experts continue to debate the impact of frontier AI models such as Mythos

• May 01, 2026 01 May'26

  IAM tools help Oracle Red Bull Racing keep pace with strict F1 regulations

  Oracle Red Bull Racing massively improved the efficiency of its aerodynamics testing procedures after implementing new identity technology from 1Password. Learn more about this unlikely link

• April 30, 2026 30 Apr'26

  Almost half of UK businesses hit by cyber attacks

  The government’s annual cyber security report reveals UK businesses are still struggling with the impact of attacks and breaches

• April 30, 2026 30 Apr'26

  AI is widening the asymmetry between attackers and defenders

  As threat actors leverage AI to launch attacks at machine speed, cyber defenders must adopt an assumed breach mindset and prioritise breach containment

• April 28, 2026 28 Apr'26

  Vect ransomware actually destructive wiper malware

  Analysis of a form of ransomware called Vect has uncovered a serious flaw that breaks its core functionality and turns it from a locker to a wiper

• April 26, 2026 26 Apr'26

  Black Hat Asia: Privacy and cyber security are inseparable

  The separation of privacy and security is no longer tenable in a world where exposed personal data is increasingly the entry point for major cyber incidents, delegates at Black Hat Asia 2026 were told

• April 24, 2026 24 Apr'26

  Wiz founder: Hack yourself with AI, before the bad guys do

  At Google Cloud Next, Wiz co-founder Yinon Costica called on security defenders to use AI to steal a march on threat actors, and launched agentic capabilities for cyber teams

• April 23, 2026 23 Apr'26

  Using AI to manage insider risk amid Middle East conflict

  As geopolitical tensions reshape the cyber threat landscape across the region, organisations are turning to artificial intelligence-driven behaviour analytics, investigative automation and monitoring of AI agents to detect insider risk faster and ...

• April 22, 2026 22 Apr'26

  UK to build ‘national cyber shield’ to protect against AI cyber threats

  Security minister Dan Jarvis calls for artificial intelligence companies to work with government to develop AI-driven cyber defences

• April 21, 2026 21 Apr'26

  Sans Institute preps live systems for Nato cyber exercise

  Cyber training body the Sans Institute is preparing live power generation IT and OT systems for Nato’s annual Locked Shields blue team exercise, which this year appears more relevant than ever

• April 17, 2026 17 Apr'26

  North Korean social engineering campaign targets MacOS users

  A MacOS-focused social engineering campaign orchestrated by North Korea-based threat actor Sapphire Sleet has been exposed by Microsoft’s Threat Intelligence Unit

• April 17, 2026 17 Apr'26

  Bank cyber teams on red alert as Anthropic promises them Mythos next week

  Artificial intelligence supplier promises UK banks opportunity to review AI model, which has already revealed thousands of security flaws

• April 16, 2026 16 Apr'26

  CyberUK 2026: UK lagging on legal protections for cyber pros

  Ahead of next week’s CyberUK conference, the CyberUp Campaign for reform of the UK’s hacking laws urges the government to keep focus and proposes a four-pillar framework that would protect cyber professionals from prosecution

• April 15, 2026 15 Apr'26

  UK businesses must face up to AI threat, says government

  Technology secretary Liz Kendall urges Britain’s business community to sit up and pay attention to emerging AI threats, following the debut of Anthropic’s new frontier model, Mythos

• April 15, 2026 15 Apr'26

  Danske Bank upgrade error exposed 20,000 customer addresses

  Danish bank revealed details of a customer data leak last year which affected thousands of customers

• April 14, 2026 14 Apr'26

  April Patch Tuesday brings zero-days in Defender, SharePoint Server

  Microsoft’s latest Patch Tuesday update may be one of the largest in history, with more than 160 issues in scope

• April 13, 2026 13 Apr'26

  ‘Grand Theft Auto’ publisher Rockstar hit by hackers again

  The notorious ShinyHunters hacking collective menaces video game publisher Rockstar and says it will leak data on 14 April

• April 09, 2026 09 Apr'26

  Singapore Cyber Security Agency chief: Cyber stability a necessity, not a luxury

  With state-linked attacks rising and international rules unravelling, Singapore’s cyber security commissioner calls for global cooperation to prevent catastrophic conflict in cyber space

• April 08, 2026 08 Apr'26

  Capita’s troubled Civil Service Pension Scheme hit by data breach

  A data breach affecting 138 members of the Civil Service Pension Scheme piles pressure on the service’s administrator, Capita, amid ongoing issues

• April 02, 2026 02 Apr'26

  How ‘Wikipedia of cyber’ helps SAP make sense of threat data

  SAP runs enormous cloud environments for some of the world’s most heavily-regulated organisations, and in the hyperscale era, data security and compliance were becoming big challenges. It turned to cutting-edge agentic tools from Uptycs to cut ...

• March 25, 2026 25 Mar'26

  US government launches Bureau of Emerging Threats

  The US’ Bureau of Emerging Threats sits within the State Department and will supposedly help address national security threats arising from cyber attacks, the weaponisation of space and other emerging technologies

• March 25, 2026 25 Mar'26

  Why AI agents are one prompt away from ransomware

  As AI adoption advances beyond chatbots, security leaders are up against rogue AI agents mirroring threat actors and a generational skills gap as security operations teams become overly dependent on AI

• March 24, 2026 24 Mar'26

  US government bans imported routers, raising tough questions

  The US communications regulator has enacted a ban on all router hardware made outside America citing security concerns, but experts say the move may risk creating more issues than it solves

• March 23, 2026 23 Mar'26

  Irish government launches CNI resilience plan

  Ireland’s National Strategy on the Resilience of Critical Entities sets out a pathway to improved cyber resilience for the nation’s critical infrastructure, and establishes compliance with an EU directive

• March 20, 2026 20 Mar'26

  UK Cyber Monitoring Centre plans expansion in US amid risk of Category 5 attack

  Organisations lulled into a false sense of security after Russian invasion of Ukraine are still at risk of a Category 5 attack in 2026

• March 19, 2026 19 Mar'26

  Cisa tells US organisations to harden endpoint management after Stryker attack

  Last week’s cyber attack on the systems of a US medical services company by Iranian hacktivists has prompted an alert from Cisa, urging organisations to reinforce their defensive posture

• March 19, 2026 19 Mar'26

  AI makes debut in Bridewell cyber security in CNI report

  Regulation has superseded cyber threats as the main driver of cyber security spending, and AI has made its debut for attack and defence, according to a CNI-focused report from Bridewell

• March 19, 2026 19 Mar'26

  Gartner: Ditch ‘big transformation’ cyber strategies for continuous improvement

  As artificial intelligence reshapes the enterprise, CISOs must abandon risky big bang security transformation initiatives in favour of incremental changes to build cyber resilience

• March 17, 2026 17 Mar'26

  Contactless payment limit removal will happen overnight, but change won’t

  Banks will be able to set their own contactless card payment limits from 19 March, following rule change by Financial Conduct Authority

• March 17, 2026 17 Mar'26

  Interview: D360 Bank redefines cyber security for Saudi Arabia’s cashless future

  Muath Alhomoud, director of cyber security at D360 Bank, discusses payment security, cloud resilience and the responsible use of AI in a hyper-connected financial ecosystem

• March 16, 2026 16 Mar'26

  Companies House restarts online services following cyber breach

  Companies House was forced to pull its WebFiling service offline at the weekend after it emerged that a flawed update was putting data at risk of exposure