News

Hackers and cybercrime prevention

• March 11, 2026 11 Mar'26

  Iran war a melting pot for other cyber threats

  State-backed cyber threat actors from non-combatant states are taking advantage of the Israeli-US war on Iran to fulfil their own goals, according to Proofpoint analysts

• March 11, 2026 11 Mar'26

  Welsh government boosts funding for cyber education

  The Welsh government’s Tech Valleys programme is providing three-quarters of a million pounds to help reach thousands of primary school children with security education and careers guidance

• March 10, 2026 10 Mar'26

  Microsoft patches zero-days in .NET and SQL Server

  Zero-days in .NET and SQL Server, and a handful of critical RCE bugs, form the nucleus of Microsoft’s March Patch Tuesday update

• March 10, 2026 10 Mar'26

  Whitehall launches digital ID consultation

  Eight-week consultation aims to get the public’s view on how the proposed digital ID system would work, and contemplates introducing a universal unique identifier linked to the ID

• March 10, 2026 10 Mar'26

  WA auditor general flags weak Microsoft 365 security controls across state entities

  Western Australia’s Office of the Auditor General has uncovered weaknesses in M365 configurations across seven government agencies, leading to compromised accounts and data breaches

• March 09, 2026 09 Mar'26

  UK to launch cyber fraud squad in April

  The UK’s Online Crime Centre, launching next month, will bring together government, police, intelligence agencies, banks, mobile networks and tech firms to take coordinated action against cyber fraud

• March 09, 2026 09 Mar'26

  Trump looks to power up post-quantum, AI security

  The US has unveiled a six-pillar national cyber security strategy, with developing technological areas such as post-quantum cryptography and artificial intelligence front and centre

• March 09, 2026 09 Mar'26

  APT36 unleashes AI-generated ‘vibeware’ to flood targets

  The Pakistani threat group has been using AI to rewrite malicious code across multiple programming languages, prioritising scale over sophistication to evade detection, security researchers have found

• March 06, 2026 06 Mar'26

  Scattered Spider attack on TfL affected 10 million people

  The 2024 Scattered Spider attack on Transport for London affected approximately 10 million people, many of whom remain blissfully unaware their data was compromised

• March 06, 2026 06 Mar'26

  Norway braced for foreign AI cyber attacks on vital petroleum computing

  Nordic petrostate is preparing for war and turning the spotlight on vulnerabilities in its critical industries, as adversaries look for ways to damage the most important oil and gas producer to the EU

• March 05, 2026 05 Mar'26

  Spyware suppliers exploit more zero-days than nation states

  Exploitation of zero-days by commercial surveillance and spyware developers outpaced exploitation by nation-state actors last year, according to a report

• March 04, 2026 04 Mar'26

  Iranian hacktivists muster their forces but state APTs lay low

  Hacktivist activity surrounding the Iran war is sky-high but Iran’s state-backed cyber espionage actors have yet to show their hands, giving security teams a valuable window of time to shore up their defences

• March 04, 2026 04 Mar'26

  Tycoon2FA phishing platform dismantled in major operation

  A Europol-led sting against the infamous Tycoon2FA MFA bypass phishing service has been successful, with operations disrupted and ringleaders and cyber criminal users identified

• March 03, 2026 03 Mar'26

  NCSC: No increase in cyber threat from Iran, but be prepared

  While cyber threat levels remain stable following the outbreak of war in the Middle East at the weekend, at-risk organisations in the UK should take steps to ward off potential reprisals from Iran-linked threat actors

• February 26, 2026 26 Feb'26

  Qilin crew continues to dominate ransomware ecosystem

  The Qilin ransomware gang remained ‘top dog’ in January 2026, with over 100 observed cyber attacks to its name, amid a rapidly evolving and fragmenting cyber criminal ecosystem

• February 26, 2026 26 Feb'26

  CrowdStrike touts agentic SOC to tackle security woes

  By embedding AI agents across its platform, CrowdStrike is looking to help security teams automate repetitive security tasks, enabling them to focus on complex and stealthier threats that could slip under the radar

• February 25, 2026 25 Feb'26

  Cisco Catalyst SD-WAN users targeted in series of cyber attacks

  The NCSC, Cisa, and other Five Eyes agencies have warned of mass exploitation of vulnerabilities in Cisco Catalyst SD-WAN, which Cisco is attributing to an unknown threat actor called UAT-8616

• February 25, 2026 25 Feb'26

  Application exploitation back in vogue, says IBM cyber unit

  IBM’s X-Force unit observes an uptick in the exploitation of vulnerable public-facing software applications

• February 25, 2026 25 Feb'26

  How AI code generation is pushing DevSecOps to machine speed

  Organisations should adopt shared platforms and automated governance to keep pace with the growing use of generative AI tools that are helping developers produce code at unprecedented volumes

• February 23, 2026 23 Feb'26

  Innovate UK cyber startup programme gets £10m funding booster

  Graduates of DSIT and Innovate UK's CyberASAP scheme to commercialise cutting-edge cyber research projects have raised nearly £50m in the past decade

• February 23, 2026 23 Feb'26

  Why crypto agility is key to quantum readiness

  With quantum computing threatening current encryption standards, experts call for organisations to achieve crypto agility by managing the lifecycle of certificates and cryptographic keys through automation

• February 20, 2026 20 Feb'26

  UK AI alignment project gets OpenAI and Microsoft boost

  Altogether, £27m is now available to fund the AI Security Institute’s work to collaborate on safe, secure artificial intelligence

• February 20, 2026 20 Feb'26

  What it takes to secure agentic commerce

  With AI agents increasingly acting as digital concierges for shoppers, verifying bot identities, securing the APIs they rely on and detecting anomalous behaviour will be key to safeguarding automated transactions, according to Akamai

• February 19, 2026 19 Feb'26

  PromptSpy Android malware may exploit Gemini AI

  A newly uncovered malware targeting the Android operating system seems to exploit Google’s Gemini GenAI tool to help it maintain persistence

• February 18, 2026 18 Feb'26

  Flaws in Google and Microsoft products added to Cisa catalogue

  Cisa has added six CVEs to its Kev catalogue this week, including newly disclosed issues in Google Chromium and Dell RecoverPoint for Virtual Machines, and some older flaws as well

• February 18, 2026 18 Feb'26

  0APT ransomware crew makes embarrassing splash

  A ransomware gang called 0APT has attracted attention, but many of its victims may not even be real, and its operators are being accused of over-egging their criminal pudding

• February 17, 2026 17 Feb'26

  Western cyber alliances risk fragmenting in new world order

  The conduct of powerful nations is causing knock-on effects in the cyber world as long-standing security frameworks appear increasingly precarious

• February 17, 2026 17 Feb'26

  Government wages cyber campaign as half the UK’s SMEs are breached

  UK government says half of all small businesses have been cyber breached in the recent past as it urges them to ‘lock the door’

• February 11, 2026 11 Feb'26

  The Security Interviews: Mick Baccio, Splunk

  Mick Baccio, global security advisor at Splunk SURGe and Cisco Foundation AI, reveals how the experience of running cyber on a dime for a US presidential campaign has informed how he does security, and why the basics still matter

• February 11, 2026 11 Feb'26

  CIOs discuss friction between legacy IT and innovation

  While it may not be something IT leaders want to talk about, managing technical debt is critical to moving forward with IT innovation

• February 10, 2026 10 Feb'26

  Arctic Wolf targets mid-market security gap in APAC

  Following the launch of its full portfolio in Malaysia, the SOC provider discusses the security challenges facing lean IT teams, the value of supplier neutrality, and its roadmap for AI and ransomware protection

• February 10, 2026 10 Feb'26

  Researchers delve inside new SolarWinds RCE attack chain

  Researchers at Huntress and Microsoft have shared findings from their analysis of a new SolarWinds Web Help Desk vulnerability

• February 10, 2026 10 Feb'26

  Artificial intelligence now finance sector’s ‘connective tissue’

  Major study finds debate over AI adoption is over as almost every finance firm in the world is already using the technology

• February 10, 2026 10 Feb'26

  Singapore mounts largest ever cyber operation to oust APT actor

  Operation Cyber Guardian mobilised over 100 defenders to neutralise UNC3886, which infiltrated Singtel, StarHub, M1 and Simba networks, operators issue joint pledge on defence-in-depth

• February 09, 2026 09 Feb'26

  Russia’s cyber attacks on Polish utilities draws NCSC alert

  A series of Russian cyber attacks targeting Poland’s energy infrastructure has prompted a warning from the UK’s National Cyber Security Centre

• February 09, 2026 09 Feb'26

  As space gets crowded, cyber threats from jamming to stalker satellites loom large

  Experts at the inaugural CYSAT Asia in Singapore warn of the urgency of securing space assets amid growing geopolitical tensions and supply chain vulnerabilities

• February 04, 2026 04 Feb'26

  SolarWinds RCE bug makes Cisa list as exploitation spreads

  Exploitation of CVE-2025-40551, an RCE flaw affecting SolarWinds Web Help Desk, appears to be spreading, with defenders on high alert

• February 04, 2026 04 Feb'26

  UK government must get its hands dirty on security, report says

  As the UK government develops its National Cyber Action Plan, a report from the Rusi think tank urges Westminster to take a more interventionist approach

• February 03, 2026 03 Feb'26

  Ransomware gangs focus on winning hearts and minds

  Ransomware-as-a-service operations are increasingly seeking to forge connections with employees, contractors and trusted partners of their target organisations as an alternative to straight-up hacking, says NCC

• February 03, 2026 03 Feb'26

  Infosecurity Europe launches cyber security startups stream

  Infosecurity Europe 2026 will feature a cyber security startup exhibition zone and a competition for business support, in conjunction with the UK Cyber Flywheel organisation

• February 03, 2026 03 Feb'26

  Banks on the hook for £173m in APP fraud reimbursement

  Banks paid 88% losses claimed by customers that fell victim to authorised push payment fraud last year

• February 02, 2026 02 Feb'26

  Interview: Why identity is the nucleus for cyber security

  Amid a wave of market consolidation, Computer Weekly speaks to Keeper Security’s leadership on how identity and access management systems are becoming unified identity platforms capable of securing both human and machine identities

• January 29, 2026 29 Jan'26

  RAMP ransomware forum goes dark in probable FBI sting

  RAMP, an infamous Russian-speaking cyber crime forum, has gone off the air after an apparent US operation

• January 29, 2026 29 Jan'26

  Security now one of the UK’s fastest-growing career paths

  The number of people working in the cyber security field has almost trebled in the 2020s, with one cyber professional for every 68 businesses in the UK

• January 27, 2026 27 Jan'26

  Wave of ShinyHunters vishing attacks spreading fast

  The ShinyHunters hacking collective that caused chaos in 2025 is ramping up a new voice phishing campaign, with several potential victims already identified

• January 27, 2026 27 Jan'26

  Saudi Arabia ordered to pay £3m to UK dissident targeted with Pegasus spyware

  A court has found that the Kingdom of Saudi Arabia subjected a London-based human rights activist to abuse and physical violence after infecting his phone with Pegasus spyware

• January 27, 2026 27 Jan'26

  Broken decryptor leaves Sicarii ransomware victims adrift

  A coding error in an emergent strain of ransomware leaves victims unable to recover their data, even if they cooperate with the hackers’ demands

• January 23, 2026 23 Jan'26

  US punts renewal of threat data sharing law to September

  US lawmakers have extended the Cybersecurity Information Sharing Act of 2015 for another nine months, buying time to enact a replacement for the legislation.

• January 23, 2026 23 Jan'26

  Ransomware, reputation, risk: Black Hat Europe in review, 2026 in view

  Black Hat Europe made clear that cyber security can no longer be separated from politics, economics and behaviour, as ransomware, AI and long-standing security failures combine

• January 22, 2026 22 Jan'26

  Sportswear firm Under Armour falls victim to data breach

  Details of over 70 million customers of US sportswear giant Under Armour were leaked following a supposed ransomware attack by the Everest gang