News

IT security

• September 15, 2025 15 Sep'25

  MI5 unlawfully monitored the phone of BBC journalist Vincent Kearney

  The Investigatory Powers Tribunal heard today that the security service has conceded that it unlawfully monitored the phone data of former BBC Spotlight reporter Vincent Kearney

• September 12, 2025 12 Sep'25

  EU Data Act comes into force amid fears of regulation fatigue

  The EU Data Act will potentially give users control of device data, and boost data sharing, cloud switching and competition while raising compliance demands

• September 11, 2025 11 Sep'25

  M&S parts ways with CTO after cyber attack

  M&S chief digital and technology officer Rachel Higham steps back from her role in the wake of the April 2025 cyber attack on the retailer’s systems

• September 11, 2025 11 Sep'25

  Students an increasing source of cyber threat in UK schools

  Insider threats arising from student activity now appears to be the chief cause of notifiable cyber or data breach incidents in Britain’s schools

• September 11, 2025 11 Sep'25

  Chat Control: EU to decide on requirement for tech firms to scan encrypted messages

  Law enforcement and police experts meet on Friday to decide on proposals to require technology companies to scan encrypted messages for possible child abuse images amid growing opposition from security experts

• September 10, 2025 10 Sep'25

  Splunk.conf: Cisco and Splunk expand agentic SOC vision

  The arrival of agentic AI in the security operations centre heralds an era of simplification for security professionals, Splunk claims

• September 10, 2025 10 Sep'25

  Jaguar Land Rover admits data has been compromised in cyber attack

  The car maker revealed that data was stolen in the cyber attack that began on 31 August, as its production line continues to be affected

• September 10, 2025 10 Sep'25

  UK contactless card payment limits could be unlimited

  The UK Financial Conduct Authority says contactless payment technology and fraud protections have advanced enough for firms to adjust the limit

• September 10, 2025 10 Sep'25

  Open source security and sustainability remain unsolved problem

  While software bills of materials offer some transparency over software components, they don’t solve the imbalance between corporate consumption of open source software and the lack of investment in its security and health

• September 09, 2025 09 Sep'25

  Splunk.conf: Splunk urges users to eat their ‘cyber veggies’

  The dawn of AI-enabled cyber attacks makes it even more important for defenders to bring their A-game, particularly when it comes to getting the basics right

• September 09, 2025 09 Sep'25

  UK AI sector balloons by 85% to 5,800 companies from 2023 to 2025

  A Perspective Economics study commissioned by DSIT sizes the UK AI sector at 5,800 companies, an increase of 85% over two years

• September 08, 2025 08 Sep'25

  Splunk.conf: Splunk and Cisco showcase unified platform

  With 18 months having elapsed since Cisco closed its acquisition of Splunk, joint platform capabilities and developments are being showcased at the annual Splunk.conf fair

• September 08, 2025 08 Sep'25

  Northern Ireland police kept inspectors in dark over surveillance of journalists

  The Police Service of Northern Ireland failed to inform the Investigatory Powers Commissioner’s Office about surveillance operations against journalists during annual inspections

• September 08, 2025 08 Sep'25

  AI boom to push Australian IT spending past A$172bn

  Australian IT spending is set to grow by 8.9% in 2026, driven by growing investments in artificial intelligence, datacentre systems and cloud, according to Gartner

• September 05, 2025 05 Sep'25

  US politicians ponder Wimwig cyber intel sharing law

  US cyber data sharing legislation is set to replace an Obama-era law, but time is running out to get it over the line, with global ramifications for the security industry, and intelligence and law enforcement communities

• September 05, 2025 05 Sep'25

  Jaguar Land Rover cyber attack keeps workers at home

  The recent cyber attack on Jaguar Land Rover is keeping workers out of the plants as possible attack group identity becomes public

• September 04, 2025 04 Sep'25

  UK sets out plans for AI assurance leadership

  Labour wants the UK to become the world leader in artificial intelligence assurance

• September 03, 2025 03 Sep'25

  European court upholds EU-US Data Privacy Framework data-sharing agreement

  EU General Court upholds EU-US Data Privacy Framework, bringing certainty to businesses that exchange data with the US – for now. An appeal may be in the offing

• September 03, 2025 03 Sep'25

  IT departments face huge Windows 10 support bill

  When Windows 10 reaches end-of-life on October 14th, organisations will need to purchase an Extended Support contract to receive Microsoft patches

• September 03, 2025 03 Sep'25

  Fastly CEO plots course through AI and security

  Chief exec Kip Compton explains how Fastly’s unified platform is solving the web’s biggest challenges, from content scrapping by AI bots to distributed denial-of-service attacks

• September 02, 2025 02 Sep'25

  OpenAI targets India with datacentre push

  The AI firm is planning to open a one-gigawatt datacentre in India, which could reduce latency, ensure regulatory compliance and give it an edge over hyperscalers

• September 02, 2025 02 Sep'25

  Cyber attackers damage Jaguar Land Rover production

  Jaguar Land Rover reports a cyber attack has ‘severely disrupted’ its vehicle production and retail operations, recalling similar attacks on other prominent British brands this year

• September 02, 2025 02 Sep'25

  JFrog extends DevSecOps playbook to AI governance

  The software security specialist is leveraging its capabilities in DevSecOps to address security, data provenance and bias in AI models

• August 31, 2025 31 Aug'25

  Google Cloud brings on-premise Gemini AI to Singapore

  Move allows government agencies and regulated industries to run Google’s most powerful artificial intelligence models in their own datacentres, directly addressing data security and residency requirements to fuel the nation’s AI ambitions

• August 29, 2025 29 Aug'25

  ICO publishes summary of police facial recognition audit

  The UK data regulator has released a summary of its facial recognition audit of two police forces

• August 29, 2025 29 Aug'25

  Home Office ‘backdoor’ seeks worldwide access to Apple iCloud users’ data, court documents confirm

  A court filing states that a government order against Apple would give it the capability to access communications and metadata of customers using the iCloud service anywhere in the world

• August 28, 2025 28 Aug'25

  Microsoft refuses to divulge data flows to Police Scotland

  Tech giant Microsoft is declining to share key information with Police Scotland about where the sensitive data it uploads to Office 365 will be processed, leaving the force unable to comply with UK-wide data protection laws

• August 28, 2025 28 Aug'25

  UK cyber security centre helps expose China-based cyber campaign

  GCHQ cyber security centre and its international partners release details of malicious cyber activity linked to Chinese businesses

• August 27, 2025 27 Aug'25

  Incident response planning cuts the risk of claiming on cyber security insurance

  Proper attention to incident response planning is emerging as a core cyber control when it comes to reducing the risk of having to claim on cyber security insurance, according to a report

• August 27, 2025 27 Aug'25

  Ransomware activity levelled off in July, says NCC

  Ransomware levels held steady in the month of July, although the risk remained as persistent as ever

• August 26, 2025 26 Aug'25

  Three new Citrix NetScaler zero-days under active exploitation

  Citrix patches three new vulnerabilities in its NetScaler lines warning of active zero-day exploitation by an undisclosed threat actor

• August 26, 2025 26 Aug'25

  Okta makes AI identity play with Axiom acquisition

  Okta says Axiom Security’s technology will reinforce its own offerings in privileged access management, especially when it comes to the growing number of non-human identities

• August 25, 2025 25 Aug'25

  How to secure the identity perimeter and prepare for AI agents

  Ping Identity CEO Andre Durand explains why identity has become the critical security battleground, how decentralised credentials will reduce data breach risks, and why AI agents will need their own identities to be trusted

• August 25, 2025 25 Aug'25

  Ransomware attack volumes up nearly three times on 2024

  During the first six months of 2025, the number of observed and tracked ransomware attacks far outpaced the volume seen in 2024

• August 21, 2025 21 Aug'25

  Moscow exploiting seven-year-old Cisco flaw, says FBI

  US authorities warn of an uptick in state-sponsored exploitation of a seven-year-old vulnerability in Cisco's operating system software

• August 21, 2025 21 Aug'25

  Scale of MoD Afghan data breaches widens dramatically

  Many more data breaches at the MoD's Arap programme to relocate at-risk Afghan citizens to Britain have emerged following an FoI request by BBC journalists

• August 21, 2025 21 Aug'25

  Apple iOS update fixes new iPhone zero-day flaw

  Latest Apple zero-day found in the ImageIO framework opens the door for targeted zero-click attacks on iPhone users

• August 21, 2025 21 Aug'25

  UK equality watchdog: Met Police facial recognition unlawful

  The UK’s equality watchdog has been granted permission to intervene in a judicial review of the Met Police’s live facial-recognition (LFR) technology use, which it claims is being deployed unlawfully

• August 20, 2025 20 Aug'25

  Microsoft starts including PQC algorithms in cyber foundations

  Microsoft updates on its post-quantum cyber strategy as it continues integrating quantum-safe algorithms into some of the core foundations underpinning its products and services

• August 20, 2025 20 Aug'25

  Commvault users told to patch two RCE exploit chains

  Storage firm Commvault fixes four vulnerabilities that, when combined, create a pair of RCE exploit chains that could be used to target on-premise customers with ransomware and other nasties

• August 20, 2025 20 Aug'25

  Warlock claims more victims as cyber attacks hit Colt and Orange

  Ransomware gang Warlock is adding more victims to its data leak site as the impact of a spreading wave of cyber attacks continues to be felt

• August 19, 2025 19 Aug'25

  Google spins up agentic SOC to speed up incident management

  Google Cloud elaborates on its vision for securing artificial intelligence unveiling new protections and capabilities across its product suite

• August 19, 2025 19 Aug'25

  Deepfake AI scammers target the Big Yin

  Cyber criminal scammers exploiting GenAI to create deepfake AI tools are targeting one of the UK’s most beloved comics, and one of its strongest accents

• August 19, 2025 19 Aug'25

  ISACA launches AI security management certification

  ISACA accredited security professionals can now pursue a new AI security management credential

• August 19, 2025 19 Aug'25

  US says UK has agreed to drop encryption ‘backdoor’ demands against Apple

  US and UK end diplomatic row over UK encryption ‘backdoor’ order against Apple, but it remains unclear whether Apple will restore advanced encryption services to UK users

• August 19, 2025 19 Aug'25

  Singapore board directors to get cyber crisis training

  The Singapore Institute of Directors and Ensign InfoSecurity have launched a programme to equip 1,000 board leaders with the skills to navigate high-stakes decisions during a cyber crisis

• August 18, 2025 18 Aug'25

  Workday hit in wave of social engineering attacks

  A campaign of voice-based social engineering attacks targeting users of Salesforce’s services appears to have struck HR platform Workday

• August 18, 2025 18 Aug'25

  Extremist hacker who defaced websites and stole data imprisoned

  Hacker Al-Tahery Al-Mashriky pled guilty to attacking multiple websites based on extremist political and religious ideology

• August 18, 2025 18 Aug'25

  L’Oréal to promote cyber resilience for Britain’s beauty salons

  L’Oréal UK and Ireland will work with law enforcement, cyber educators and students, and other large organisations to help thousands of small salons across the UK improve their cyber resilience practice

• August 18, 2025 18 Aug'25

  Okta: AI adoption fuels problems for identity management

  Okta research indicates the emergence and growth of novel security problems, connected with the spread of AI agents and non-human identities