News

IT security

• March 16, 2026 16 Mar'26

  Revealed: How HMRC has been quietly building surveillance capabilities

  HMRC has bought phone scanning equipment and analysis software capable of extracting data from mobile devices as it steps up its electronic intelligence gathering capabilities, an investigation by Computer Weekly reveals

• March 13, 2026 13 Mar'26

  Interpol obliterates cyber criminal infrastructure

  A major Interpol operation has resulted in the seizure of thousands of malicious cyber criminal IP addresses and servers, and multiple arrests

• March 13, 2026 13 Mar'26

  UK falls behind on supercomputing amid slow investment, NAO warns

  While UKRI has improved its oversight of research and innovation, funding remains fragmented and has been too slow to replace supercomputers

• March 12, 2026 12 Mar'26

  The UK government’s digital identity scheme: Dystopian nightmare or modernised public services?

  Critics and supporters of digital ID are honing their arguments for the government’s consultation – but it’s the public that will decide. How should you choose?

• March 11, 2026 11 Mar'26

  Iran war a melting pot for other cyber threats

  State-backed cyber threat actors from non-combatant states are taking advantage of the Israeli-US war on Iran to fulfil their own goals, according to Proofpoint analysts

• March 11, 2026 11 Mar'26

  Cyber industry welcomes women, but challenges persist

  Three-quarters of women working in security say they feel comfortable in the field, but women are still much more likely to be laid off and face persistent challenges around career advancement, according to a report

• March 11, 2026 11 Mar'26

  Salesforce tracks possible ShinyHunters campaign targeting its users

  Salesforce warns users of an uptick in malicious activity targeting Experience Cloud customers with misconfigured user settings via an open source tool

• March 11, 2026 11 Mar'26

  Child rapist could have profiled victims through unaudited access to NHS databases

  NHS analyst’s conviction for child sexual abuse offences raises concerns over unaudited access to patient data

• March 11, 2026 11 Mar'26

  CISOs on alert: Strengthening cyber resilience amid geopolitical tensions in the Middle East

  As regional uncertainty rises, security leaders across the Gulf focus on resilience, faster incident response and deeper threat intelligence to protect critical systems and data

• March 11, 2026 11 Mar'26

  Welsh government boosts funding for cyber education

  The Welsh government’s Tech Valleys programme is providing three-quarters of a million pounds to help reach thousands of primary school children with security education and careers guidance

• March 10, 2026 10 Mar'26

  Microsoft patches zero-days in .NET and SQL Server

  Zero-days in .NET and SQL Server, and a handful of critical RCE bugs, form the nucleus of Microsoft’s March Patch Tuesday update

• March 10, 2026 10 Mar'26

  Whitehall launches digital ID consultation

  Eight-week consultation aims to get the public’s view on how the proposed digital ID system would work, and contemplates introducing a universal unique identifier linked to the ID

• March 10, 2026 10 Mar'26

  Met Police to ‘trial’ handheld facial recognition tech

  London Mayor Sadiq Khan reveals in a scrutiny session with London Assembly members that the Met is set to trial a facial recognition phone app for police officers

• March 10, 2026 10 Mar'26

  AI chooses nuclear escalation in 95% of simulated crises

  With artificial intelligence increasingly deployed in analysis and decision-making in armed conflict, research shows AI systems will not naturally default to ‘safe’ outcomes in nuclear crises

• March 10, 2026 10 Mar'26

  WA auditor general flags weak Microsoft 365 security controls across state entities

  Western Australia’s Office of the Auditor General has uncovered weaknesses in M365 configurations across seven government agencies, leading to compromised accounts and data breaches

• March 09, 2026 09 Mar'26

  UK to launch cyber fraud squad in April

  The UK’s Online Crime Centre, launching next month, will bring together government, police, intelligence agencies, banks, mobile networks and tech firms to take coordinated action against cyber fraud

• March 09, 2026 09 Mar'26

  Trump looks to power up post-quantum, AI security

  The US has unveiled a six-pillar national cyber security strategy, with developing technological areas such as post-quantum cryptography and artificial intelligence front and centre

• March 09, 2026 09 Mar'26

  APT36 unleashes AI-generated ‘vibeware’ to flood targets

  The Pakistani threat group has been using AI to rewrite malicious code across multiple programming languages, prioritising scale over sophistication to evade detection, security researchers have found

• March 06, 2026 06 Mar'26

  Scattered Spider attack on TfL affected 10 million people

  The 2024 Scattered Spider attack on Transport for London affected approximately 10 million people, many of whom remain blissfully unaware their data was compromised

• March 06, 2026 06 Mar'26

  Norway braced for foreign AI cyber attacks on vital petroleum computing

  Nordic petrostate is preparing for war and turning the spotlight on vulnerabilities in its critical industries, as adversaries look for ways to damage the most important oil and gas producer to the EU

• March 06, 2026 06 Mar'26

  Nordics ally with Baltics to accelerate digital wallet roll-out

  Baltic and Nordic countries work together on a common certification system to support digital wallet applications

• March 06, 2026 06 Mar'26

  Enterprises warming to AI PCs amid growing cloud costs

  While global memory shortages will pose a threat to the broader PC market, AI PCs are gaining momentum across Asia as companies look to cut cloud costs, boost productivity and secure sensitive information

• March 05, 2026 05 Mar'26

  Spyware suppliers exploit more zero-days than nation states

  Exploitation of zero-days by commercial surveillance and spyware developers outpaced exploitation by nation-state actors last year, according to a report

• March 05, 2026 05 Mar'26

  Government wants to build digital ID system in-house

  The Home Affairs Committee hearing on digital ID reveals consultation is due next week; there will be no central database; and while government wants to build the system in-house, it will not replace private digital ID providers

• March 05, 2026 05 Mar'26

  Police do not have to explain to lawyer Fahad Ansari why they seized his phone data, says court

  A high court judge has ruled that police do not have to give reasons to lawyer, who acts for Hamas, why they seized his mobile phone data

• March 04, 2026 04 Mar'26

  Iranian hacktivists muster their forces but state APTs lay low

  Hacktivist activity surrounding the Iran war is sky-high but Iran’s state-backed cyber espionage actors have yet to show their hands, giving security teams a valuable window of time to shore up their defences

• March 04, 2026 04 Mar'26

  Zero-day in Android phone chips under active attack

  Google and Qualcomm have tag-teamed a serious vulnerability in the chipsets used in Android mobile devices, which has been exploited in the wild as a zero-day

• March 04, 2026 04 Mar'26

  Tycoon2FA phishing platform dismantled in major operation

  A Europol-led sting against the infamous Tycoon2FA MFA bypass phishing service has been successful, with operations disrupted and ringleaders and cyber criminal users identified

• March 04, 2026 04 Mar'26

  Landmark legal challenge against Home Office eVisa system heard

  The UK High Court will examine whether the Home Office policy of refusing to issue alternative proof of immigration status outside of its electronic visa system is lawful

• March 03, 2026 03 Mar'26

  Resilience under pressure: How regional conflict is reshaping the Middle East tech strategy

  From AWS outages in the UAE to stronger focus on data control and cyber security, tech leaders say the Israel-US-Iran conflict is challenging, but not stopping the region’s digital goals

• March 03, 2026 03 Mar'26

  NCSC: No increase in cyber threat from Iran, but be prepared

  While cyber threat levels remain stable following the outbreak of war in the Middle East at the weekend, at-risk organisations in the UK should take steps to ward off potential reprisals from Iran-linked threat actors

• February 26, 2026 26 Feb'26

  Qilin crew continues to dominate ransomware ecosystem

  The Qilin ransomware gang remained ‘top dog’ in January 2026, with over 100 observed cyber attacks to its name, amid a rapidly evolving and fragmenting cyber criminal ecosystem

• February 26, 2026 26 Feb'26

  Fake UK government website redirect detection time reduced to eight days

  It used to take two months, but the UK government has reduced the time it takes to address fake DNS redirects

• February 26, 2026 26 Feb'26

  US artificial intelligence developers accuse Chinese firms of stealing their data

  Artificial intelligence developers are accusing Chinese firms of stealing their intellectual property following a spate of ‘distillation attacks’, despite their own alleged theft of training data

• February 26, 2026 26 Feb'26

  CrowdStrike touts agentic SOC to tackle security woes

  By embedding AI agents across its platform, CrowdStrike is looking to help security teams automate repetitive security tasks, enabling them to focus on complex and stealthier threats that could slip under the radar

• February 25, 2026 25 Feb'26

  Cisco Catalyst SD-WAN users targeted in series of cyber attacks

  The NCSC, Cisa, and other Five Eyes agencies have warned of mass exploitation of vulnerabilities in Cisco Catalyst SD-WAN, which Cisco is attributing to an unknown threat actor called UAT-8616

• February 25, 2026 25 Feb'26

  The UK’s proposed social media ban explained

  The UK government will use new legal powers to lay the groundwork for an under-16 social media ban after its consultation on children’s digital well-being, but opponents warn the measures being considered will only treat the symptoms of the problem ...

• February 25, 2026 25 Feb'26

  Application exploitation back in vogue, says IBM cyber unit

  IBM’s X-Force unit observes an uptick in the exploitation of vulnerable public-facing software applications

• February 25, 2026 25 Feb'26

  Police created ‘intelligence profile’ of BBC journalist subject to phone surveillance

  Police and MI5 conducted seven unlawful operations to obtain phone data relating to former BBC journalist Vincent Kearney, the Investigatory Powers Tribunal heard today

• February 25, 2026 25 Feb'26

  How AI code generation is pushing DevSecOps to machine speed

  Organisations should adopt shared platforms and automated governance to keep pace with the growing use of generative AI tools that are helping developers produce code at unprecedented volumes

• February 24, 2026 24 Feb'26

  Cyber association launches code of conduct for security pros

  ISC2’s Code of Professional Conduct will supposedly establish a worldwide framework dedicated to principled and ethical practices in the security trade

• February 23, 2026 23 Feb'26

  Innovate UK cyber startup programme gets £10m funding booster

  Graduates of DSIT and Innovate UK's CyberASAP scheme to commercialise cutting-edge cyber research projects have raised nearly £50m in the past decade

• February 23, 2026 23 Feb'26

  Governments urged to step up enforcement of big tech amid rush to ban social media for under-16s

  The Council of Europe’s Commissioner for Human Rights says that European governments should consider better enforcement against big tech companies before banning children from social media

• February 23, 2026 23 Feb'26

  Why crypto agility is key to quantum readiness

  With quantum computing threatening current encryption standards, experts call for organisations to achieve crypto agility by managing the lifecycle of certificates and cryptographic keys through automation

• February 20, 2026 20 Feb'26

  UK AI alignment project gets OpenAI and Microsoft boost

  Altogether, £27m is now available to fund the AI Security Institute’s work to collaborate on safe, secure artificial intelligence

• February 20, 2026 20 Feb'26

  What it takes to secure agentic commerce

  With AI agents increasingly acting as digital concierges for shoppers, verifying bot identities, securing the APIs they rely on and detecting anomalous behaviour will be key to safeguarding automated transactions, according to Akamai

• February 19, 2026 19 Feb'26

  ICO wins appeal over data protection obligations in Currys cyber attack

  The UK Information Commissioner’s Office has won an important appeal relating to data protection obligations arising from a 2017-18 cyber attack at electronics retailer Currys PC World

• February 19, 2026 19 Feb'26

  PromptSpy Android malware may exploit Gemini AI

  A newly uncovered malware targeting the Android operating system seems to exploit Google’s Gemini GenAI tool to help it maintain persistence

• February 19, 2026 19 Feb'26

  European politicians amplify disinformation about UN rapporteur

  Government officials from the US and Europe have condemned UN special rapporteur Francesca Albanese for remarks about Israel she never made, based on a truncated clip circulating online that takes her statements out of context

• February 19, 2026 19 Feb'26

  Bank of Ireland UK fined for late security system implementation

  The payments regulator has fined the bank nearly £4m after it missed a deadline to implement a system to check payees