News

IT for utilities and energy

• March 25, 2026 25 Mar'26

  Emergency Microsoft, Oracle patches point to wider cyber issues

  Emergency out-of-band patches from Microsoft and Oracle signal underlying security issues around update cycles and patching, and identity security and zero-trust, says the community

• March 23, 2026 23 Mar'26

  Irish government launches CNI resilience plan

  Ireland’s National Strategy on the Resilience of Critical Entities sets out a pathway to improved cyber resilience for the nation’s critical infrastructure, and establishes compliance with an EU directive

• March 23, 2026 23 Mar'26

  Bucks landfill datacentre first to get Nationally Significant status

  300MW proposed project is the first to be allowed to benefit from streamlined national-level planning process after being given Nationally Significant Infrastructure Project status by ministers

• March 19, 2026 19 Mar'26

  Cisa tells US organisations to harden endpoint management after Stryker attack

  Last week’s cyber attack on the systems of a US medical services company by Iranian hacktivists has prompted an alert from Cisa, urging organisations to reinforce their defensive posture

• March 19, 2026 19 Mar'26

  AI makes debut in Bridewell cyber security in CNI report

  Regulation has superseded cyber threats as the main driver of cyber security spending, and AI has made its debut for attack and defence, according to a CNI-focused report from Bridewell

• March 19, 2026 19 Mar'26

  NHS digital ambition needs reality check amid frontline work pressures

  The NHS 10-year plan is ambitious and brave. However, Cheshire and Merseyside GP Tom Micklewright says limited funding flexibility and pressure on primary care are among the issues hindering success

• March 19, 2026 19 Mar'26

  Apple issues first Background patch for WebKit browser flaw

  Apple’s first ever Background Security Update fixes a WebKit browser engine bug that could enable threat actors to see and steal important data from their victims

• March 17, 2026 17 Mar'26

  Digital IDs edge closer to practical reality for UK businesses

  Industries and policymakers are strongly aligned on the need for digital company IDs for UK businesses, as progress is made towards the implementation of a practical standard

• March 16, 2026 16 Mar'26

  Companies House restarts online services following cyber breach

  Companies House was forced to pull its WebFiling service offline at the weekend after it emerged that a flawed update was putting data at risk of exposure

• March 11, 2026 11 Mar'26

  Met Office ‘supercomputing as a service’ one year old

  Artificial intelligence is not key to the weather picture, as the forecasting and climate prediction agency lauds the benefits of moving from on-site supercomputers to cloud computing for scientific modelling

• March 11, 2026 11 Mar'26

  UK government announces package to get more women in tech

  The UK government aims to add billions of pounds to the economy through getting more women into the tech sector

• March 11, 2026 11 Mar'26

  Cyber industry welcomes women, but challenges persist

  Three-quarters of women working in security say they feel comfortable in the field, but women are still much more likely to be laid off and face persistent challenges around career advancement, according to a report

• March 11, 2026 11 Mar'26

  Salesforce tracks possible ShinyHunters campaign targeting its users

  Salesforce warns users of an uptick in malicious activity targeting Experience Cloud customers with misconfigured user settings via an open source tool

• March 10, 2026 10 Mar'26

  Microsoft patches zero-days in .NET and SQL Server

  Zero-days in .NET and SQL Server, and a handful of critical RCE bugs, form the nucleus of Microsoft’s March Patch Tuesday update

• March 09, 2026 09 Mar'26

  UK to launch cyber fraud squad in April

  The UK’s Online Crime Centre, launching next month, will bring together government, police, intelligence agencies, banks, mobile networks and tech firms to take coordinated action against cyber fraud

• March 09, 2026 09 Mar'26

  Trump looks to power up post-quantum, AI security

  The US has unveiled a six-pillar national cyber security strategy, with developing technological areas such as post-quantum cryptography and artificial intelligence front and centre

• March 06, 2026 06 Mar'26

  Norway braced for foreign AI cyber attacks on vital petroleum computing

  Nordic petrostate is preparing for war and turning the spotlight on vulnerabilities in its critical industries, as adversaries look for ways to damage the most important oil and gas producer to the EU

• March 06, 2026 06 Mar'26

  Nordics ally with Baltics to accelerate digital wallet roll-out

  Baltic and Nordic countries work together on a common certification system to support digital wallet applications

• March 05, 2026 05 Mar'26

  Spyware suppliers exploit more zero-days than nation states

  Exploitation of zero-days by commercial surveillance and spyware developers outpaced exploitation by nation-state actors last year, according to a report

• March 04, 2026 04 Mar'26

  Iranian hacktivists muster their forces but state APTs lay low

  Hacktivist activity surrounding the Iran war is sky-high but Iran’s state-backed cyber espionage actors have yet to show their hands, giving security teams a valuable window of time to shore up their defences

• March 04, 2026 04 Mar'26

  Zero-day in Android phone chips under active attack

  Google and Qualcomm have tag-teamed a serious vulnerability in the chipsets used in Android mobile devices, which has been exploited in the wild as a zero-day

• March 04, 2026 04 Mar'26

  Tycoon2FA phishing platform dismantled in major operation

  A Europol-led sting against the infamous Tycoon2FA MFA bypass phishing service has been successful, with operations disrupted and ringleaders and cyber criminal users identified

• March 03, 2026 03 Mar'26

  NCSC: No increase in cyber threat from Iran, but be prepared

  While cyber threat levels remain stable following the outbreak of war in the Middle East at the weekend, at-risk organisations in the UK should take steps to ward off potential reprisals from Iran-linked threat actors

• March 02, 2026 02 Mar'26

  Demand necessitates digital twin and data visualisation at National Grid

  In-house project replaces spreadsheet-based planning for future electricity network

• February 25, 2026 25 Feb'26

  Application exploitation back in vogue, says IBM cyber unit

  IBM’s X-Force unit observes an uptick in the exploitation of vulnerable public-facing software applications

• February 23, 2026 23 Feb'26

  €126bn in Dutch tech projects blocked by permits and grid limits

  Ex-ASML chief Peter Wennink’s deregulation solution triggers warnings from academics and government advisors

• February 19, 2026 19 Feb'26

  Minister wants ‘logical conclusion’ to review of digital evidence in light of Post Office scandal

  House of Lords debate saw government minister make an ambiguous promise in regard to the treatment of computer evidence in court

• February 18, 2026 18 Feb'26

  Flaws in Google and Microsoft products added to Cisa catalogue

  Cisa has added six CVEs to its Kev catalogue this week, including newly disclosed issues in Google Chromium and Dell RecoverPoint for Virtual Machines, and some older flaws as well

• February 18, 2026 18 Feb'26

  0APT ransomware crew makes embarrassing splash

  A ransomware gang called 0APT has attracted attention, but many of its victims may not even be real, and its operators are being accused of over-egging their criminal pudding

• February 11, 2026 11 Feb'26

  CVE volumes may plausibly reach 100,000 this year

  The number of vulnerabilities to be disclosed in 2026 is almost certain to exceed last year's total, and may be heading towards 100,000, according to analysis

• February 10, 2026 10 Feb'26

  February Patch Tuesday: Microsoft drops six zero-days

  Microsoft releases patches for six zero-day flaws in its latest monthly update, many of them related to security feature bypass issues

• February 10, 2026 10 Feb'26

  Researchers delve inside new SolarWinds RCE attack chain

  Researchers at Huntress and Microsoft have shared findings from their analysis of a new SolarWinds Web Help Desk vulnerability

• February 10, 2026 10 Feb'26

  Is the EU’s free trade deal with India the dawn of a new era?

  Trade deal between European Union and India simplifies the visa system for professionals from India, which could make the country’s suppliers more accessible

• February 10, 2026 10 Feb'26

  Second ever international AI safety report published

  More than 100 artificial intelligence experts have produced the second international AI safety report ahead of a summit in India, outlining a high degree of uncertainty about the development and risks of AI

• February 09, 2026 09 Feb'26

  Russia’s cyber attacks on Polish utilities draws NCSC alert

  A series of Russian cyber attacks targeting Poland’s energy infrastructure has prompted a warning from the UK’s National Cyber Security Centre

• February 04, 2026 04 Feb'26

  SolarWinds RCE bug makes Cisa list as exploitation spreads

  Exploitation of CVE-2025-40551, an RCE flaw affecting SolarWinds Web Help Desk, appears to be spreading, with defenders on high alert

• February 04, 2026 04 Feb'26

  UK government must get its hands dirty on security, report says

  As the UK government develops its National Cyber Action Plan, a report from the Rusi think tank urges Westminster to take a more interventionist approach

• February 03, 2026 03 Feb'26

  Ransomware gangs focus on winning hearts and minds

  Ransomware-as-a-service operations are increasingly seeking to forge connections with employees, contractors and trusted partners of their target organisations as an alternative to straight-up hacking, says NCC

• January 29, 2026 29 Jan'26

  Security now one of the UK’s fastest-growing career paths

  The number of people working in the cyber security field has almost trebled in the 2020s, with one cyber professional for every 68 businesses in the UK

• January 27, 2026 27 Jan'26

  Wave of ShinyHunters vishing attacks spreading fast

  The ShinyHunters hacking collective that caused chaos in 2025 is ramping up a new voice phishing campaign, with several potential victims already identified

• January 27, 2026 27 Jan'26

  Broken decryptor leaves Sicarii ransomware victims adrift

  A coding error in an emergent strain of ransomware leaves victims unable to recover their data, even if they cooperate with the hackers’ demands

• January 21, 2026 21 Jan'26

  AI slop pushes data governance towards zero-trust models

  Organisations are implementing zero-trust models for data governance thanks to the proliferation of poor quality AI-generated data, often known as AI slop

• January 20, 2026 20 Jan'26

  UK public sector, CNI in Russian hacktivist crosshairs

  Hacktivists aligned to the Russian state are ramping up their targeting of UK organisations with denial of service attacks

• January 15, 2026 15 Jan'26

  Cyber body ISC2 signs on as UK software security ambassador

  Professional cyber association ISC2 pledges support to UK government’s Software Security Ambassador scheme, part of the recently unveiled Cyber Action Plan

• January 14, 2026 14 Jan'26

  Microsoft DCU uses UK courts to hunt down cyber criminals

  Microsoft has taken down the RedDVS cyber crime-as-a-service network after obtaining a UK court order, marking its first civil legal action outside of the US

• January 13, 2026 13 Jan'26

  Microsoft patches 112 CVEs on first Patch Tuesday of 2026

  January brings a larger-than-of-late Patch Tuesday update out of Redmond, but an uptick in disclosures is often expected at this time of year

• January 13, 2026 13 Jan'26

  ‘Dual-channel’ attacks are the new face of BEC in 2026

  Business email compromise remains a significant threat as cyber fraudsters deploy a more diverse range of tactics against their potential victims, according to a report

• January 13, 2026 13 Jan'26

  Berlin anarchists cite AI in attack on key energy infrastructure

  Berlin anarchists have sabotaged key energy infrastructure in the city, claiming it as an act of ‘self-defence’ against the planet’s destruction by ‘energy-guzzling’ technologies and the wider fossil fuel economy that underpins their development

• January 12, 2026 12 Jan'26

  Business leaders see AI risks and fraud outpacing ransomware, says WEF

  C-suite executives are more concerned with risks arising from AI vulnerabilities and cyber fraud than ransomware, according to the World Economic Forum

• January 08, 2026 08 Jan'26

  Like it or not, AI will transform cyber strategy in 2026

  Bubble or no bubble, from cyber skills to defensive strategies to governance, risk and compliance, artificial intelligence will remake the cyber world in 2026