News

Privacy and data protection

• April 07, 2026 07 Apr'26

  Russian cyber spies targeting consumer, Soho routers

  The UK's NCSC and Microsoft have shared details of an ongoing cyber espionage campaign targeting vulnerable network routers, orchestrated by the Russian state actor Fancy Bear.

• April 02, 2026 02 Apr'26

  How ‘Wikipedia of cyber’ helps SAP make sense of threat data

  SAP runs enormous cloud environments for some of the world’s most heavily-regulated organisations, and in the hyperscale era, data security and compliance were becoming big challenges. It turned to cutting-edge agentic tools from Uptycs to cut ...

• March 31, 2026 31 Mar'26

  High Court dismisses judicial review against eVisa system

  The High Court rules that the Home Office is acting lawfully in refusing to issue alterative proof of immigration status outside of its electronic visa system, but both the judge and the department accepts that those affected by data quality and ...

• March 31, 2026 31 Mar'26

  Shrinking PQC timeline highlights immediate risk to data security

  Google’s decision to move up its timeline for migration to post-quantum cryptography highlights that some of the cyber security risks posed by quantum computing are already reality

• March 27, 2026 27 Mar'26

  UK government lacks ambition to fight tax fraud, says PAC

  The Public Accounts Committee says the UK government has dropped the ball on the use of data analytics to tackle tax fraud and error, as the public purse haemorrhages billions of pounds

• March 27, 2026 27 Mar'26

  EU Parliament rejects Chat Control message scanning

  MEPs vote down proposals to allow US tech companies to continue scanning private messages for illegal content

• March 24, 2026 24 Mar'26

  Cyber pros must grasp the vibe coding nettle, says NCSC chief

  At RSA in San Francisco, NCSC chief exec Richard Horne says security professionals have an opportunity and a responsibility to get in front of the security issues raised by the popularity of ‘vibe coding’

• March 24, 2026 24 Mar'26

  US government bans imported routers, raising tough questions

  The US communications regulator has enacted a ban on all router hardware made outside America citing security concerns, but experts say the move may risk creating more issues than it solves

• March 20, 2026 20 Mar'26

  UK Cyber Monitoring Centre plans expansion in US amid risk of Category 5 attack

  Organisations lulled into a false sense of security after Russian invasion of Ukraine are still at risk of a Category 5 attack in 2026

• March 19, 2026 19 Mar'26

  Questions raised about Instagram memorialisation in Noah Donohoe inquest

  Court hears that a mother was frozen out of her son’s social media a day after he tragically died, potentially depriving a coroner investigating the case of a ‘huge’ amount of information

• March 19, 2026 19 Mar'26

  Apple issues first Background patch for WebKit browser flaw

  Apple’s first ever Background Security Update fixes a WebKit browser engine bug that could enable threat actors to see and steal important data from their victims

• March 18, 2026 18 Mar'26

  US lawmakers quiz Meta over ‘dangerous’ facial recognition plans for smart glasses

  Democratic senators warn that Meta’s plans to introduce facial recognition technology into smart glasses could lead to normalisation of mass surveillance and breach citizens’ rights

• March 17, 2026 17 Mar'26

  Digital IDs edge closer to practical reality for UK businesses

  Industries and policymakers are strongly aligned on the need for digital company IDs for UK businesses, as progress is made towards the implementation of a practical standard

• March 17, 2026 17 Mar'26

  Health workers call for Palantir to be booted from NHS contracts

  Health justice charity Medact warns that Palantir’s involvement in NHS data systems is a threat to patients and healthcare organisations

• March 17, 2026 17 Mar'26

  Interview: D360 Bank redefines cyber security for Saudi Arabia’s cashless future

  Muath Alhomoud, director of cyber security at D360 Bank, discusses payment security, cloud resilience and the responsible use of AI in a hyper-connected financial ecosystem

• March 16, 2026 16 Mar'26

  Companies House restarts online services following cyber breach

  Companies House was forced to pull its WebFiling service offline at the weekend after it emerged that a flawed update was putting data at risk of exposure

• March 16, 2026 16 Mar'26

  Revealed: How HMRC has been quietly building surveillance capabilities

  HMRC has bought phone scanning equipment and analysis software capable of extracting data from mobile devices as it steps up its electronic intelligence gathering capabilities, an investigation by Computer Weekly reveals

• March 11, 2026 11 Mar'26

  Iran war a melting pot for other cyber threats

  State-backed cyber threat actors from non-combatant states are taking advantage of the Israeli-US war on Iran to fulfil their own goals, according to Proofpoint analysts

• March 11, 2026 11 Mar'26

  Salesforce tracks possible ShinyHunters campaign targeting its users

  Salesforce warns users of an uptick in malicious activity targeting Experience Cloud customers with misconfigured user settings via an open source tool

• March 11, 2026 11 Mar'26

  Child rapist could have profiled victims through unaudited access to NHS databases

  NHS analyst’s conviction for child sexual abuse offences raises concerns over unaudited access to patient data

• March 10, 2026 10 Mar'26

  WA auditor general flags weak Microsoft 365 security controls across state entities

  Western Australia’s Office of the Auditor General has uncovered weaknesses in M365 configurations across seven government agencies, leading to compromised accounts and data breaches

• March 09, 2026 09 Mar'26

  UK to launch cyber fraud squad in April

  The UK’s Online Crime Centre, launching next month, will bring together government, police, intelligence agencies, banks, mobile networks and tech firms to take coordinated action against cyber fraud

• March 09, 2026 09 Mar'26

  Trump looks to power up post-quantum, AI security

  The US has unveiled a six-pillar national cyber security strategy, with developing technological areas such as post-quantum cryptography and artificial intelligence front and centre

• March 06, 2026 06 Mar'26

  Scattered Spider attack on TfL affected 10 million people

  The 2024 Scattered Spider attack on Transport for London affected approximately 10 million people, many of whom remain blissfully unaware their data was compromised

• March 05, 2026 05 Mar'26

  Government wants to build digital ID system in-house

  The Home Affairs Committee hearing on digital ID reveals consultation is due next week; there will be no central database; and while government wants to build the system in-house, it will not replace private digital ID providers

• March 05, 2026 05 Mar'26

  Police do not have to explain to lawyer Fahad Ansari why they seized his phone data, says court

  A high court judge has ruled that police do not have to give reasons to lawyer, who acts for Hamas, why they seized his mobile phone data

• March 04, 2026 04 Mar'26

  Iranian hacktivists muster their forces but state APTs lay low

  Hacktivist activity surrounding the Iran war is sky-high but Iran’s state-backed cyber espionage actors have yet to show their hands, giving security teams a valuable window of time to shore up their defences

• March 04, 2026 04 Mar'26

  Zero-day in Android phone chips under active attack

  Google and Qualcomm have tag-teamed a serious vulnerability in the chipsets used in Android mobile devices, which has been exploited in the wild as a zero-day

• March 04, 2026 04 Mar'26

  Tycoon2FA phishing platform dismantled in major operation

  A Europol-led sting against the infamous Tycoon2FA MFA bypass phishing service has been successful, with operations disrupted and ringleaders and cyber criminal users identified

• March 04, 2026 04 Mar'26

  Landmark legal challenge against Home Office eVisa system heard

  The UK High Court will examine whether the Home Office policy of refusing to issue alternative proof of immigration status outside of its electronic visa system is lawful

• February 25, 2026 25 Feb'26

  The UK’s proposed social media ban explained

  The UK government will use new legal powers to lay the groundwork for an under-16 social media ban after its consultation on children’s digital well-being, but opponents warn the measures being considered will only treat the symptoms of the problem ...

• February 25, 2026 25 Feb'26

  Police created ‘intelligence profile’ of BBC journalist subject to phone surveillance

  Police and MI5 conducted seven unlawful operations to obtain phone data relating to former BBC journalist Vincent Kearney, the Investigatory Powers Tribunal heard today

• February 23, 2026 23 Feb'26

  Innovate UK cyber startup programme gets £10m funding booster

  Graduates of DSIT and Innovate UK's CyberASAP scheme to commercialise cutting-edge cyber research projects have raised nearly £50m in the past decade

• February 23, 2026 23 Feb'26

  Why crypto agility is key to quantum readiness

  With quantum computing threatening current encryption standards, experts call for organisations to achieve crypto agility by managing the lifecycle of certificates and cryptographic keys through automation

• February 19, 2026 19 Feb'26

  ICO wins appeal over data protection obligations in Currys cyber attack

  The UK Information Commissioner’s Office has won an important appeal relating to data protection obligations arising from a 2017-18 cyber attack at electronics retailer Currys PC World

• February 19, 2026 19 Feb'26

  PromptSpy Android malware may exploit Gemini AI

  A newly uncovered malware targeting the Android operating system seems to exploit Google’s Gemini GenAI tool to help it maintain persistence

• February 17, 2026 17 Feb'26

  Businesses may be caught by government proposals to restrict VPN use

  Labour proposals to restrict social media use to people aged 16 and under could have unintended consequences for businesses using virtual private networks

• February 17, 2026 17 Feb'26

  Government wages cyber campaign as half the UK’s SMEs are breached

  UK government says half of all small businesses have been cyber breached in the recent past as it urges them to ‘lock the door’

• February 17, 2026 17 Feb'26

  British Transport Police start using live facial recognition

  British Transport Police will deploy facial recognition for six months despite calls for the government to halt its rapid expansion of the technology

• February 12, 2026 12 Feb'26

  European Commission: TikTok’s addictive design breaches EU law

  In a preliminary ruling, European Commission says TikTok’s additive design features are in breach of laws designed to create safer digital spaces

• February 09, 2026 09 Feb'26

  UAE’s TII challenges big tech dominance with open source Falcon AI models

  Through its Falcon models and an open, efficiency-driven research strategy, the Technology Innovation Institute is positioning the UAE as a producer of foundational AI, not merely a consumer of global platforms

• February 09, 2026 09 Feb'26

  US bid for Dutch ID infrastructure raises sovereignty concerns

  Kyndryl’s proposed takeover shows how critical systems become exposed to foreign control without an overarching policy decision

• February 04, 2026 04 Feb'26

  UK government must get its hands dirty on security, report says

  As the UK government develops its National Cyber Action Plan, a report from the Rusi think tank urges Westminster to take a more interventionist approach

• February 03, 2026 03 Feb'26

  Infosecurity Europe launches cyber security startups stream

  Infosecurity Europe 2026 will feature a cyber security startup exhibition zone and a competition for business support, in conjunction with the UK Cyber Flywheel organisation

• February 03, 2026 03 Feb'26

  Banks on the hook for £173m in APP fraud reimbursement

  Banks paid 88% losses claimed by customers that fell victim to authorised push payment fraud last year

• February 02, 2026 02 Feb'26

  Canva uses 1Password to secure ID during growth phase

  As it underwent a growth spurt in the early 2020s, graphic design platform Canva turned to 1Password to manage identity across its expanding organisation

• January 30, 2026 30 Jan'26

  Home Office announces sweeping police technology plans

  The Home Office plans to ramp up its deployment of artificial intelligence and facial-recognition technologies under wide-ranging reforms to UK policing

• January 27, 2026 27 Jan'26

  Saudi Arabia ordered to pay £3m to UK dissident targeted with Pegasus spyware

  A court has found that the Kingdom of Saudi Arabia subjected a London-based human rights activist to abuse and physical violence after infecting his phone with Pegasus spyware

• January 23, 2026 23 Jan'26

  Singapore debuts world’s first governance framework for agentic AI

  The Infocomm Media Development Authority has released a guide to help enterprises deploy artificial intelligence agents safely and address specific risks such as unauthorised actions and automation bias

• January 22, 2026 22 Jan'26

  Sportswear firm Under Armour falls victim to data breach

  Details of over 70 million customers of US sportswear giant Under Armour were leaked following a supposed ransomware attack by the Everest gang