News

Hackers and cybercrime prevention

• April 02, 2026 02 Apr'26

  NCSC warns high-risk individuals of Signal and WhatsApp social engineering attacks

  NCSC advises on countermeasures for high-risk individuals over phishing attacks on encrypted messaging services, such as Signal, WhatsApp and Facebook Messenger

• March 30, 2026 30 Mar'26

  Stop Scams steps up to online fraud challenge

  After years of putting the building blocks in place, Stop Scams is ready and able to react quickly to fight emerging fraud threats

• March 27, 2026 27 Mar'26

  UK government lacks ambition to fight tax fraud, says PAC

  The Public Accounts Committee says the UK government has dropped the ball on the use of data analytics to tackle tax fraud and error, as the public purse haemorrhages billions of pounds

• March 27, 2026 27 Mar'26

  EU Parliament rejects Chat Control message scanning

  MEPs vote down proposals to allow US tech companies to continue scanning private messages for illegal content

• March 26, 2026 26 Mar'26

  Agentic bots and synthetic identities fuel surge in fraud

  LexisNexis Risk Solutions warns of a 450% rise in agentic traffic and an eight-fold increase in synthetic identity fraud as cyber criminals scale automation to bypass security controls

• March 25, 2026 25 Mar'26

  US government launches Bureau of Emerging Threats

  The US’ Bureau of Emerging Threats sits within the State Department and will supposedly help address national security threats arising from cyber attacks, the weaponisation of space and other emerging technologies

• March 25, 2026 25 Mar'26

  Emergency Microsoft, Oracle patches point to wider cyber issues

  Emergency out-of-band patches from Microsoft and Oracle signal underlying security issues around update cycles and patching, and identity security and zero-trust, says the community

• March 25, 2026 25 Mar'26

  Why AI agents are one prompt away from ransomware

  As AI adoption advances beyond chatbots, security leaders are up against rogue AI agents mirroring threat actors and a generational skills gap as security operations teams become overly dependent on AI

• March 24, 2026 24 Mar'26

  US government bans imported routers, raising tough questions

  The US communications regulator has enacted a ban on all router hardware made outside America citing security concerns, but experts say the move may risk creating more issues than it solves

• March 23, 2026 23 Mar'26

  Irish government launches CNI resilience plan

  Ireland’s National Strategy on the Resilience of Critical Entities sets out a pathway to improved cyber resilience for the nation’s critical infrastructure, and establishes compliance with an EU directive

• March 20, 2026 20 Mar'26

  UK Cyber Monitoring Centre plans expansion in US amid risk of Category 5 attack

  Organisations lulled into a false sense of security after Russian invasion of Ukraine are still at risk of a Category 5 attack in 2026

• March 19, 2026 19 Mar'26

  Cisa tells US organisations to harden endpoint management after Stryker attack

  Last week’s cyber attack on the systems of a US medical services company by Iranian hacktivists has prompted an alert from Cisa, urging organisations to reinforce their defensive posture

• March 19, 2026 19 Mar'26

  AI makes debut in Bridewell cyber security in CNI report

  Regulation has superseded cyber threats as the main driver of cyber security spending, and AI has made its debut for attack and defence, according to a CNI-focused report from Bridewell

• March 19, 2026 19 Mar'26

  Gartner: Ditch ‘big transformation’ cyber strategies for continuous improvement

  As artificial intelligence reshapes the enterprise, CISOs must abandon risky big bang security transformation initiatives in favour of incremental changes to build cyber resilience

• March 19, 2026 19 Mar'26

  Apple issues first Background patch for WebKit browser flaw

  Apple’s first ever Background Security Update fixes a WebKit browser engine bug that could enable threat actors to see and steal important data from their victims

• March 17, 2026 17 Mar'26

  Technology accelerating crime, boosts case for national police service, says NCA chief

  NCA director general Graeme Biggar says technology has helped criminals get smarter, faster and more connected, boosting case for National Police Service

• March 17, 2026 17 Mar'26

  Contactless payment limit removal will happen overnight, but change won’t

  Banks will be able to set their own contactless card payment limits from 19 March, following rule change by Financial Conduct Authority

• March 13, 2026 13 Mar'26

  Interpol obliterates cyber criminal infrastructure

  A major Interpol operation has resulted in the seizure of thousands of malicious cyber criminal IP addresses and servers, and multiple arrests

• March 11, 2026 11 Mar'26

  Iran war a melting pot for other cyber threats

  State-backed cyber threat actors from non-combatant states are taking advantage of the Israeli-US war on Iran to fulfil their own goals, according to Proofpoint analysts

• March 11, 2026 11 Mar'26

  Welsh government boosts funding for cyber education

  The Welsh government’s Tech Valleys programme is providing three-quarters of a million pounds to help reach thousands of primary school children with security education and careers guidance

• March 10, 2026 10 Mar'26

  Microsoft patches zero-days in .NET and SQL Server

  Zero-days in .NET and SQL Server, and a handful of critical RCE bugs, form the nucleus of Microsoft’s March Patch Tuesday update

• March 10, 2026 10 Mar'26

  Whitehall launches digital ID consultation

  Eight-week consultation aims to get the public’s view on how the proposed digital ID system would work, and contemplates introducing a universal unique identifier linked to the ID

• March 10, 2026 10 Mar'26

  WA auditor general flags weak Microsoft 365 security controls across state entities

  Western Australia’s Office of the Auditor General has uncovered weaknesses in M365 configurations across seven government agencies, leading to compromised accounts and data breaches

• March 09, 2026 09 Mar'26

  UK to launch cyber fraud squad in April

  The UK’s Online Crime Centre, launching next month, will bring together government, police, intelligence agencies, banks, mobile networks and tech firms to take coordinated action against cyber fraud

• March 09, 2026 09 Mar'26

  Trump looks to power up post-quantum, AI security

  The US has unveiled a six-pillar national cyber security strategy, with developing technological areas such as post-quantum cryptography and artificial intelligence front and centre

• March 09, 2026 09 Mar'26

  APT36 unleashes AI-generated ‘vibeware’ to flood targets

  The Pakistani threat group has been using AI to rewrite malicious code across multiple programming languages, prioritising scale over sophistication to evade detection, security researchers have found

• March 06, 2026 06 Mar'26

  Scattered Spider attack on TfL affected 10 million people

  The 2024 Scattered Spider attack on Transport for London affected approximately 10 million people, many of whom remain blissfully unaware their data was compromised

• March 06, 2026 06 Mar'26

  Norway braced for foreign AI cyber attacks on vital petroleum computing

  Nordic petrostate is preparing for war and turning the spotlight on vulnerabilities in its critical industries, as adversaries look for ways to damage the most important oil and gas producer to the EU

• March 05, 2026 05 Mar'26

  Spyware suppliers exploit more zero-days than nation states

  Exploitation of zero-days by commercial surveillance and spyware developers outpaced exploitation by nation-state actors last year, according to a report

• March 04, 2026 04 Mar'26

  Iranian hacktivists muster their forces but state APTs lay low

  Hacktivist activity surrounding the Iran war is sky-high but Iran’s state-backed cyber espionage actors have yet to show their hands, giving security teams a valuable window of time to shore up their defences

• March 04, 2026 04 Mar'26

  Tycoon2FA phishing platform dismantled in major operation

  A Europol-led sting against the infamous Tycoon2FA MFA bypass phishing service has been successful, with operations disrupted and ringleaders and cyber criminal users identified

• March 03, 2026 03 Mar'26

  NCSC: No increase in cyber threat from Iran, but be prepared

  While cyber threat levels remain stable following the outbreak of war in the Middle East at the weekend, at-risk organisations in the UK should take steps to ward off potential reprisals from Iran-linked threat actors

• February 26, 2026 26 Feb'26

  Qilin crew continues to dominate ransomware ecosystem

  The Qilin ransomware gang remained ‘top dog’ in January 2026, with over 100 observed cyber attacks to its name, amid a rapidly evolving and fragmenting cyber criminal ecosystem

• February 26, 2026 26 Feb'26

  CrowdStrike touts agentic SOC to tackle security woes

  By embedding AI agents across its platform, CrowdStrike is looking to help security teams automate repetitive security tasks, enabling them to focus on complex and stealthier threats that could slip under the radar

• February 25, 2026 25 Feb'26

  Cisco Catalyst SD-WAN users targeted in series of cyber attacks

  The NCSC, Cisa, and other Five Eyes agencies have warned of mass exploitation of vulnerabilities in Cisco Catalyst SD-WAN, which Cisco is attributing to an unknown threat actor called UAT-8616

• February 25, 2026 25 Feb'26

  Application exploitation back in vogue, says IBM cyber unit

  IBM’s X-Force unit observes an uptick in the exploitation of vulnerable public-facing software applications

• February 25, 2026 25 Feb'26

  How AI code generation is pushing DevSecOps to machine speed

  Organisations should adopt shared platforms and automated governance to keep pace with the growing use of generative AI tools that are helping developers produce code at unprecedented volumes

• February 23, 2026 23 Feb'26

  Innovate UK cyber startup programme gets £10m funding booster

  Graduates of DSIT and Innovate UK's CyberASAP scheme to commercialise cutting-edge cyber research projects have raised nearly £50m in the past decade

• February 23, 2026 23 Feb'26

  Why crypto agility is key to quantum readiness

  With quantum computing threatening current encryption standards, experts call for organisations to achieve crypto agility by managing the lifecycle of certificates and cryptographic keys through automation

• February 20, 2026 20 Feb'26

  UK AI alignment project gets OpenAI and Microsoft boost

  Altogether, £27m is now available to fund the AI Security Institute’s work to collaborate on safe, secure artificial intelligence

• February 20, 2026 20 Feb'26

  What it takes to secure agentic commerce

  With AI agents increasingly acting as digital concierges for shoppers, verifying bot identities, securing the APIs they rely on and detecting anomalous behaviour will be key to safeguarding automated transactions, according to Akamai

• February 19, 2026 19 Feb'26

  PromptSpy Android malware may exploit Gemini AI

  A newly uncovered malware targeting the Android operating system seems to exploit Google’s Gemini GenAI tool to help it maintain persistence

• February 18, 2026 18 Feb'26

  Flaws in Google and Microsoft products added to Cisa catalogue

  Cisa has added six CVEs to its Kev catalogue this week, including newly disclosed issues in Google Chromium and Dell RecoverPoint for Virtual Machines, and some older flaws as well

• February 18, 2026 18 Feb'26

  0APT ransomware crew makes embarrassing splash

  A ransomware gang called 0APT has attracted attention, but many of its victims may not even be real, and its operators are being accused of over-egging their criminal pudding

• February 17, 2026 17 Feb'26

  Western cyber alliances risk fragmenting in new world order

  The conduct of powerful nations is causing knock-on effects in the cyber world as long-standing security frameworks appear increasingly precarious

• February 17, 2026 17 Feb'26

  Government wages cyber campaign as half the UK’s SMEs are breached

  UK government says half of all small businesses have been cyber breached in the recent past as it urges them to ‘lock the door’

• February 11, 2026 11 Feb'26

  The Security Interviews: Mick Baccio, Splunk

  Mick Baccio, global security advisor at Splunk SURGe and Cisco Foundation AI, reveals how the experience of running cyber on a dime for a US presidential campaign has informed how he does security, and why the basics still matter

• February 11, 2026 11 Feb'26

  CIOs discuss friction between legacy IT and innovation

  While it may not be something IT leaders want to talk about, managing technical debt is critical to moving forward with IT innovation

• February 10, 2026 10 Feb'26

  Arctic Wolf targets mid-market security gap in APAC

  Following the launch of its full portfolio in Malaysia, the SOC provider discusses the security challenges facing lean IT teams, the value of supplier neutrality, and its roadmap for AI and ransomware protection

• February 10, 2026 10 Feb'26

  Researchers delve inside new SolarWinds RCE attack chain

  Researchers at Huntress and Microsoft have shared findings from their analysis of a new SolarWinds Web Help Desk vulnerability