News

IT security

December 31, 2025 31 Dec'25
Top 10 surveillance, journalism and encryption stories of 2025

A transatlantic row between the UK and the Trump administration erupted after the UK attempted to force Apple to break its advanced encryption. That was just one of a series of stories reporting on the tension between state surveillance and privacy ...
December 30, 2025 30 Dec'25
Top 10 technology ethics stories of 2025

Here are Computer Weekly’s top 10 tech ethics stories of 2025
December 30, 2025 30 Dec'25
Top 10 European IT stories of 2025

Here are Computer Weekly’s top 10 European technology stories of 2025
December 29, 2025 29 Dec'25
Top 10 cyber security stories of 2025

AI dominated all tech conversations this year, but the concerns of cyber security professionals extend far beyond. From remote work to supply chains, quantum to identity, there were plenty of other topics for the industry to chew over in 2025.

December 28, 2025 28 Dec'25
Middle East tech trends 2026: AI, cyber security and sovereign infrastructure take centre stage

As artificial intelligence moves from experimentation to production and cyber threats escalate, the Middle East is entering a decisive phase of digital transformation, says Omdia chief analyst Trevor Clarke
December 24, 2025 24 Dec'25
Top 10 cyber crime stories of 2025

In many regards, 2025 proved to be a relatively normal year for the cyber security world as threat actors and security pros continued their long-running cat-and-mouse game, but it was also a stand-out year that saw some of the largest cyber attacks ...
December 23, 2025 23 Dec'25
Top 10 ANZ stories of 2025

The 2025 tech landscape in Australia and New Zealand was dotted with major data breaches even as organisations continue to press on with their digital transformation efforts in areas such as AI and automation
December 19, 2025 19 Dec'25
European Commission renews UK data adequacy agreement, ensuring continued free flow of data

Despite calls from some data protection campaigners, the UK's agreement to allow data movement with European Economic Area countries is extended until 2031
December 19, 2025 19 Dec'25
‘Sensitive’ data stolen in Westminster City Council cyber attack

London borough confirms that data breach affecting three neighbouring councils in a shared IT services operation led to personal information being copied by a third party
December 19, 2025 19 Dec'25
UK government confirms Foreign Office cyber attack

Reports blame Chinese hacking group but minister insists the source of the attack is unclear

December 18, 2025 18 Dec'25
Fortinet vulnerabilities prompt pre-holiday warnings

Analysts track exploitation of two vulnerabilities disclosed last week by Fortinet
December 18, 2025 18 Dec'25
AI safeguards improving, says UK government-backed body

Inaugural AI Security Institute report claims that safeguards in place to ensure AI models behave as intended seem to be improving
December 17, 2025 17 Dec'25
ClickFix attacks that bypass cyber controls on the rise

NCC’s monthly threat report details the growing prevalence of ClickFix attacks in the wild
December 15, 2025 15 Dec'25
Top IT predictions in APAC in 2026

Enterprises across the Asia-Pacific region are expected to prioritise sovereign architectures, double down on securing agentic systems and rewrite their infrastructure playbooks, among other tech trends
December 12, 2025 12 Dec'25
Streisand effect: Businesses that pay ransomware gangs are more likely to hit the headlines

Research by ransomware expert Max Smeets suggests companies that pay up to criminal gangs are more likely to attract press attention
December 12, 2025 12 Dec'25
Trump plans bonfire of US state-level AI regulation

US president’s executive order targets state-level AI regulatory frameworks across the country, saying they are too onerous and endangering leadership in the field
December 12, 2025 12 Dec'25
Digital Ethics Summit 2025: Open sourcing and assuring AI

Industry experts met to discuss the ethical challenges associated with assuring AI systems, and how open source approaches can challenge concentrations of capital and power
December 11, 2025 11 Dec'25
Microsoft expands bug bounty scheme to include third-party software

The company is to offer bug bounty awards for people who report security vulnerabilities in third-party and open source software impacting Microsoft services
December 09, 2025 09 Dec'25
Microsoft patched over 1,100 CVEs in 2025

The final Patch Tuesday update of the year brings 56 new CVEs, bringing the year-end total to more than 1,100
December 09, 2025 09 Dec'25
How Chinese-owned Radisson Hotel Group split US enterprise resource planning

During the UK and Ireland SAP user group conference in Birmingham, Computer Weekly met with the SAP platform lead at Radisson Hotel Group
December 09, 2025 09 Dec'25
MPs maul digital ID plans in Parliamentary debate

MPs brand the government’s digital ID plans ‘un-British’ and ‘an attack on civil liberties’ during debate on the controversial policy
December 09, 2025 09 Dec'25
Why bug bounty schemes have not led to secure software

Computer Weekly speaks to Katie Moussouris, security entrepreneur and bug bounty pioneer, about the life of security researchers, bug bounties and the artificial intelligence revolution
December 09, 2025 09 Dec'25
OAIC to launch blitz on privacy compliance

Australia’s privacy watchdog will begin the new year with a compliance sweep targeting businesses that run afoul of privacy rules, including the over-collection of personal information in-person, warning that non-compliance could trigger fines
December 08, 2025 08 Dec'25
NCSC warns of confusion over true nature of AI prompt injection

Malicious prompt injections to manipulate GenAI large language models are being wrongly compared to classical SQL injection attacks. In reality, prompt injection may be a far worse problem, says the UK’s NCSC
December 08, 2025 08 Dec'25
How police live facial recognition subtly reconfigures suspicion

A growing body of research suggests that the use of live facial recognition is reshaping police perceptions of suspicion in ways that undermine supposed human-in-the-loop protections
December 05, 2025 05 Dec'25
Cyber teams on alert as React2Shell exploitation spreads

Exploitation of an RCE flaw in a widely used open source library is spreading quickly, with China-backed threat actors in the driving seat
December 05, 2025 05 Dec'25
Cloudflare fixes second outage in a month

A change to web application firewall policies at Cloudflare caused problems across the internet less than three weeks after another major outage at the service, but no cyber attack is suspected
December 04, 2025 04 Dec'25
NCC supporting London councils gripped by cyber attacks

Three west London councils hit by a cyber attack continue to investigate as services remain disrupted nearly two weeks on
December 04, 2025 04 Dec'25
Constrained budgets left security teams short-handed in 2025

With 2024 seeing surges in security funding cuts, lay-offs and hiring freezes, 2025 brought some relief for cyber pros, but constrained budgets are leaving security teams short-staffed
December 04, 2025 04 Dec'25
Home Office launches police facial recognition consultation

The Home Office has formally opened a 10-week consultation on a legal framework for police use of facial recognition technologies, and will consider extending any new rules to police deployments of other biometric and inferential technologies
December 04, 2025 04 Dec'25
Western coalition supplying tech to Ukraine prepared for long war

Russia is deploying hybrid warfare against Europe as western nations supply critical IT and telecoms equipment to Ukraine’s front line
December 03, 2025 03 Dec'25
UK government pledges to rewrite Computer Misuse Act

Campaigners celebrate as security minister Dan Jarvis commits to amending the outdated Computer Misuse Act to protect security professionals from prosecution
December 03, 2025 03 Dec'25
NCSC and BT block a billion dangerous clicks

A protective service jointly developed by the NCSC and BT has disrupted over a billion potential cyber incidents by stopping members of the public from clicking through to dangerous websites
December 03, 2025 03 Dec'25
UK national security strategy failing to account for online world

The UK government’s national security strategy is falling short on online matters, according to the independent reviewer of terrorism
December 03, 2025 03 Dec'25
Interview: Florence Mottay, global CISO, Zalando

Florence Mottay moved from mathematics to software engineering, and is now leading security at Zalando, a high-tech online fashion retailer
December 03, 2025 03 Dec'25
Post Office avoids £1m fine over botched website upgrade data breach

The Information Commissioner’s Office considered fining the Post Office £1m for a 2024 data breach that let subpostmasters down again
December 03, 2025 03 Dec'25
Women in Cybersecurity Middle East marks five years of impact at Black Hat MEA

As AI reshapes the regional cyber security landscape, diversity and skills development remain at the heart of building a resilient digital workforce
December 03, 2025 03 Dec'25
Black Hat MEA: Saudi Vision 2030 fuels surge in cyber security innovation

Global cyber firms are racing to support the Kingdom’s mega-projects, but building trusted partnerships remains key, says Exabeam CEO Pete Harteveld
December 02, 2025 02 Dec'25
UK prosecution of alleged Chinese spies was ‘shambolic’ says Parliamentary committee

The Joint Committee on National Security Strategy reports that China was engaged in malicious cyber attacks against UK Parliament and democratic institutions
December 02, 2025 02 Dec'25
AWS targets vulnerable code with security agent

At AWS re:Invent 2025, the cloud giant unveiled a security agent designed to bridge the gap between development speed and security validation, along with the general availability of Security Hub analytics
December 02, 2025 02 Dec'25
Strategic shift pays off as Okta bids to ease agentic AI risk

Nine months after restructuring its go-to-market, Okta is buoyed by a growing recognition of how crucial identity has become thanks to the spread of AI agents
December 02, 2025 02 Dec'25
Use of digital ID in UK achieves statutory status

A formal regime of certification and governance is now in place for digital identity services – just as the UK government presses ahead with its controversial plan for a national ID scheme
December 01, 2025 01 Dec'25
Mandatory digital ID paves way for surveillance and exclusion, MPs hear

It is currently unclear how the UK’s government’s proposed mandatory digital ID scheme will help with its stated goal of curbing illegal migration and working
December 01, 2025 01 Dec'25
SASE, SD-WAN evolve as enterprises prioritise unified network security

Research confirms trend that software-defined wide-area network implementations are increasingly tied to security, with the continual rise of cyber security incidents worldwide only accelerating this dynamic
December 01, 2025 01 Dec'25
Interview: Mariano Albera, CTO, Checkout.com

Checkout.com’s chief technology officer has spent most of his career in the e-commerce industry, and now he is applying what he learned to the finance sector that serves it
November 26, 2025 26 Nov'25
London councils endure wave of cyber attacks, shared IT services hit

Four London councils – Kensington and Chelsea; Hackney; Westminster; and Hammersmith and Fulham – have suffered cyber attacks, disrupting services and prompting NCSC-supported investigation
November 26, 2025 26 Nov'25
US breach reinforces need to plug third-party security weaknesses

Cyber breach at US financial sector tech provider highlights the risk of third-party vulnerabilities in finance ecosystems
November 21, 2025 21 Nov'25
UK digital ID scheme cash will come from existing funds

UK Parliamentary committee hearing reveals there will be no permanent government chief digital officer going forward, and digital ID scheme will be funded by existing budgets
November 20, 2025 20 Nov'25
Russian money launderers bought a bank to disguise ransomware profit

A billion-dollar money laundering network active in the UK funnelled money, including the profits of ransomware attacks, into its own bank to circumvent sanctions on Russia and help fund its attacks on Ukraine
November 20, 2025 20 Nov'25
UK targets ‘bulletproof’ services that hosted ransomware gangs

The UK’s NCA and partners have cracked down on ‘bulletproof’ services that hosted cyber criminal infrastructure