News

IT risk management

• May 01, 2026 01 May'26

  Cyber experts take an optimistic view of AI-powered hacking

  During the annual CETaS showcase in London, experts discussed the potential cyber risk of tools such as Claude Mythos

• April 30, 2026 30 Apr'26

  Almost half of UK businesses hit by cyber attacks

  The government’s annual cyber security report reveals UK businesses are still struggling with the impact of attacks and breaches

• April 30, 2026 30 Apr'26

  AI is widening the asymmetry between attackers and defenders

  As threat actors leverage AI to launch attacks at machine speed, cyber defenders must adopt an assumed breach mindset and prioritise breach containment

• April 28, 2026 28 Apr'26

  WhatsApp’s encryption protects servers but leaves users exposed to client-side attacks

  The use of encryption helps to secure WhatsApp’s infrastructure, but researchers at Black Hat Asia warn platform’s architecture is driving hackers to target user devices directly

• April 28, 2026 28 Apr'26

  Vect ransomware actually destructive wiper malware

  Analysis of a form of ransomware called Vect has uncovered a serious flaw that breaks its core functionality and turns it from a locker to a wiper

• April 28, 2026 28 Apr'26

  UK data watchdog accused of dragging feet on eVisa investigation

  Despite longstanding data protection issues with the Home Office’s electronic visa system being flagged five months ago, the UK’s data regulator is yet to take any action

• April 28, 2026 28 Apr'26

  Lloyds Bank compensates another 1,625 customers after ‘alarming’ data breach

  Bank pays out compensation to more customers and reveals expansion of affected group

• April 26, 2026 26 Apr'26

  Black Hat Asia: Privacy and cyber security are inseparable

  The separation of privacy and security is no longer tenable in a world where exposed personal data is increasingly the entry point for major cyber incidents, delegates at Black Hat Asia 2026 were told

• April 24, 2026 24 Apr'26

  Wiz founder: Hack yourself with AI, before the bad guys do

  At Google Cloud Next, Wiz co-founder Yinon Costica called on security defenders to use AI to steal a march on threat actors, and launched agentic capabilities for cyber teams

• April 24, 2026 24 Apr'26

  BT has now blocked over a billion clicks to malicious websites, says NCSC

  NCSC’s Share and Defend scheme has seen BT block over a billion clicks through to malicious websites

• April 23, 2026 23 Apr'26

  Chinese hackers using compromised networks to spy on Western companies, says Five Eyes

  Companies urged to take countermeasures as Chinese hacking groups use networks of infected home and office devices ‘at scale’ to evade security monitoring systems

• April 23, 2026 23 Apr'26

  Using AI to manage insider risk amid Middle East conflict

  As geopolitical tensions reshape the cyber threat landscape across the region, organisations are turning to artificial intelligence-driven behaviour analytics, investigative automation and monitoring of AI agents to detect insider risk faster and ...

• April 22, 2026 22 Apr'26

  UK to build ‘national cyber shield’ to protect against AI cyber threats

  Security minister Dan Jarvis calls for artificial intelligence companies to work with government to develop AI-driven cyber defences

• April 22, 2026 22 Apr'26

  Google launches Gemini Agent Platform, eighth-generation TPUs

  With more AI agents moving to production, Google Cloud is targeting governance, multi-cloud data architecture and purpose-built silicon to help enterprises orchestrate agentic workflows

• April 22, 2026 22 Apr'26

  A tsunami of flaws: When frontier AI and Patch Tuesday collide

  Microsoft’s April Patch Tuesday drop was the second-largest in history, falling just shy of an October 2025 record. What is behind the spike in vulnerability disclosures, and is there a connection to Anthropic’s bug-hunting Claude Mythos AI model?

• April 21, 2026 21 Apr'26

  Nation states responsible for ‘nationally significant’ cyber attacks against UK, says NCSC chief

  The UK is facing four nationally significant cyber attacks a week, the majority from hostile states, NCSC chief, Richard Horne, will warn at the CyberUK conference

• April 20, 2026 20 Apr'26

  Singapore pushes for global standard to test generative AI

  The proposed standard aims to ensure trustworthy AI by standardising benchmarking and red teaming methodologies, as IMDA’s chief urges faster action on global rules

• April 17, 2026 17 Apr'26

  Surging CVE disclosures force NIST to shake up workflows

  NIST announces big changes to the way it categorises and manages CVEs, which are set to have a big impact on how organisations manage patching and remediation

• April 17, 2026 17 Apr'26

  Bank cyber teams on red alert as Anthropic promises them Mythos next week

  Artificial intelligence supplier promises UK banks opportunity to review AI model, which has already revealed thousands of security flaws

• April 16, 2026 16 Apr'26

  UK’s Sovereign AI supports supercomputing and drug discovery AI startups

  The UK government’s £500m Sovereign AI fund announces first cohort of startups backed to boost economic growth and national security

• April 16, 2026 16 Apr'26

  CyberUK 2026: UK lagging on legal protections for cyber pros

  Ahead of next week’s CyberUK conference, the CyberUp Campaign for reform of the UK’s hacking laws urges the government to keep focus and proposes a four-pillar framework that would protect cyber professionals from prosecution

• April 15, 2026 15 Apr'26

  UK businesses must face up to AI threat, says government

  Technology secretary Liz Kendall urges Britain’s business community to sit up and pay attention to emerging AI threats, following the debut of Anthropic’s new frontier model, Mythos

• April 14, 2026 14 Apr'26

  April Patch Tuesday brings zero-days in Defender, SharePoint Server

  Microsoft’s latest Patch Tuesday update may be one of the largest in history, with more than 160 issues in scope

• April 14, 2026 14 Apr'26

  Department for Transport shows how its AI system avoids bias

  A report looking at a system to extract themes from public consultations highlights human and LLM-based checks

• April 14, 2026 14 Apr'26

  UK financial regulators rush to assess risks of Anthropic AI model

  Banks called in by regulators as latest artificial intelligence model identifies thousands of software vulnerabilities

• April 13, 2026 13 Apr'26

  In the AI race, a global bank bets on the human touch

  Standard Chartered’s technology and security chief, Alvaro Garrido, says AI will transform finance, but the industry’s biggest vulnerabilities lie outside its own walls

• April 09, 2026 09 Apr'26

  Singapore Cyber Security Agency chief: Cyber stability a necessity, not a luxury

  With state-linked attacks rising and international rules unravelling, Singapore’s cyber security commissioner calls for global cooperation to prevent catastrophic conflict in cyber space

• April 02, 2026 02 Apr'26

  NCSC warns high-risk individuals of Signal and WhatsApp social engineering attacks

  NCSC advises on countermeasures for high-risk individuals over phishing attacks on encrypted messaging services, such as Signal, WhatsApp and Facebook Messenger

• March 31, 2026 31 Mar'26

  High Court dismisses judicial review against eVisa system

  The High Court rules that the Home Office is acting lawfully in refusing to issue alterative proof of immigration status outside of its electronic visa system, but both the judge and the department accepts that those affected by data quality and ...

• March 31, 2026 31 Mar'26

  Shrinking PQC timeline highlights immediate risk to data security

  Google’s decision to move up its timeline for migration to post-quantum cryptography highlights that some of the cyber security risks posed by quantum computing are already reality

• March 27, 2026 27 Mar'26

  EU Parliament rejects Chat Control message scanning

  MEPs vote down proposals to allow US tech companies to continue scanning private messages for illegal content

• March 26, 2026 26 Mar'26

  Oracle Cloud Infrastructure: The bare metal facts

  The Oracle Cloud Infrastructure appears to have more in common with datacentre hosting than with public infrastructure-as-a-service providers

• March 26, 2026 26 Mar'26

  UAE positions cyber security as pillar of national resilience and digital growth

  Strategic investment and coordination reinforce the country’s ability to withstand complex cyber threats

• March 26, 2026 26 Mar'26

  Agentic bots and synthetic identities fuel surge in fraud

  LexisNexis Risk Solutions warns of a 450% rise in agentic traffic and an eight-fold increase in synthetic identity fraud as cyber criminals scale automation to bypass security controls

• March 25, 2026 25 Mar'26

  US government launches Bureau of Emerging Threats

  The US’ Bureau of Emerging Threats sits within the State Department and will supposedly help address national security threats arising from cyber attacks, the weaponisation of space and other emerging technologies

• March 25, 2026 25 Mar'26

  Emergency Microsoft, Oracle patches point to wider cyber issues

  Emergency out-of-band patches from Microsoft and Oracle signal underlying security issues around update cycles and patching, and identity security and zero-trust, says the community

• March 25, 2026 25 Mar'26

  Why AI agents are one prompt away from ransomware

  As AI adoption advances beyond chatbots, security leaders are up against rogue AI agents mirroring threat actors and a generational skills gap as security operations teams become overly dependent on AI

• March 24, 2026 24 Mar'26

  Cyber pros must grasp the vibe coding nettle, says NCSC chief

  At RSA in San Francisco, NCSC chief exec Richard Horne says security professionals have an opportunity and a responsibility to get in front of the security issues raised by the popularity of ‘vibe coding’

• March 24, 2026 24 Mar'26

  US government bans imported routers, raising tough questions

  The US communications regulator has enacted a ban on all router hardware made outside America citing security concerns, but experts say the move may risk creating more issues than it solves

• March 24, 2026 24 Mar'26

  QuikBot and EFGH bring real-time insurance to physical AI

  The two companies will embed insurance directly into the infrastructure governing autonomous robots, reducing claims processing and creating a trust layer for smart cities

• March 23, 2026 23 Mar'26

  Irish government launches CNI resilience plan

  Ireland’s National Strategy on the Resilience of Critical Entities sets out a pathway to improved cyber resilience for the nation’s critical infrastructure, and establishes compliance with an EU directive

• March 20, 2026 20 Mar'26

  Essex Police halts live facial recognition over bias and accuracy risks

  LFR deployments by Essex Police will not continue until risks associated with bias and inaccuracy have been reduced

• March 20, 2026 20 Mar'26

  UK Cyber Monitoring Centre plans expansion in US amid risk of Category 5 attack

  Organisations lulled into a false sense of security after Russian invasion of Ukraine are still at risk of a Category 5 attack in 2026

• March 19, 2026 19 Mar'26

  AI makes debut in Bridewell cyber security in CNI report

  Regulation has superseded cyber threats as the main driver of cyber security spending, and AI has made its debut for attack and defence, according to a CNI-focused report from Bridewell

• March 19, 2026 19 Mar'26

  Gartner: Ditch ‘big transformation’ cyber strategies for continuous improvement

  As artificial intelligence reshapes the enterprise, CISOs must abandon risky big bang security transformation initiatives in favour of incremental changes to build cyber resilience

• March 18, 2026 18 Mar'26

  UK MoD awards more than two dozen contracts for AI targeting systems

  The UK Ministry of Defence is ramping up its investment into military artificial intelligence in a bid to increase the ‘lethality’ of the British armed forces

• March 17, 2026 17 Mar'26

  Digital IDs edge closer to practical reality for UK businesses

  Industries and policymakers are strongly aligned on the need for digital company IDs for UK businesses, as progress is made towards the implementation of a practical standard

• March 17, 2026 17 Mar'26

  Contactless payment limit removal will happen overnight, but change won’t

  Banks will be able to set their own contactless card payment limits from 19 March, following rule change by Financial Conduct Authority

• March 17, 2026 17 Mar'26

  Health workers call for Palantir to be booted from NHS contracts

  Health justice charity Medact warns that Palantir’s involvement in NHS data systems is a threat to patients and healthcare organisations

• March 17, 2026 17 Mar'26

  Interview: D360 Bank redefines cyber security for Saudi Arabia’s cashless future

  Muath Alhomoud, director of cyber security at D360 Bank, discusses payment security, cloud resilience and the responsible use of AI in a hyper-connected financial ecosystem