News

Security policy and user awareness

• February 26, 2026 26 Feb'26

  CrowdStrike touts agentic SOC to tackle security woes

  By embedding AI agents across its platform, CrowdStrike is looking to help security teams automate repetitive security tasks, enabling them to focus on complex and stealthier threats that could slip under the radar

• February 25, 2026 25 Feb'26

  Cisco Catalyst SD-WAN users targeted in series of cyber attacks

  The NCSC, Cisa, and other Five Eyes agencies have warned of mass exploitation of vulnerabilities in Cisco Catalyst SD-WAN, which Cisco is attributing to an unknown threat actor called UAT-8616

• February 25, 2026 25 Feb'26

  Application exploitation back in vogue, says IBM cyber unit

  IBM’s X-Force unit observes an uptick in the exploitation of vulnerable public-facing software applications

• February 25, 2026 25 Feb'26

  How AI code generation is pushing DevSecOps to machine speed

  Organisations should adopt shared platforms and automated governance to keep pace with the growing use of generative AI tools that are helping developers produce code at unprecedented volumes

• February 24, 2026 24 Feb'26

  Cyber association launches code of conduct for security pros

  ISC2’s Code of Professional Conduct will supposedly establish a worldwide framework dedicated to principled and ethical practices in the security trade

• February 23, 2026 23 Feb'26

  Why crypto agility is key to quantum readiness

  With quantum computing threatening current encryption standards, experts call for organisations to achieve crypto agility by managing the lifecycle of certificates and cryptographic keys through automation

• February 18, 2026 18 Feb'26

  Flaws in Google and Microsoft products added to Cisa catalogue

  Cisa has added six CVEs to its Kev catalogue this week, including newly disclosed issues in Google Chromium and Dell RecoverPoint for Virtual Machines, and some older flaws as well

• February 17, 2026 17 Feb'26

  Western cyber alliances risk fragmenting in new world order

  The conduct of powerful nations is causing knock-on effects in the cyber world as long-standing security frameworks appear increasingly precarious

• February 17, 2026 17 Feb'26

  Government wages cyber campaign as half the UK’s SMEs are breached

  UK government says half of all small businesses have been cyber breached in the recent past as it urges them to ‘lock the door’

• February 11, 2026 11 Feb'26

  The Security Interviews: Mick Baccio, Splunk

  Mick Baccio, global security advisor at Splunk SURGe and Cisco Foundation AI, reveals how the experience of running cyber on a dime for a US presidential campaign has informed how he does security, and why the basics still matter

• February 10, 2026 10 Feb'26

  February Patch Tuesday: Microsoft drops six zero-days

  Microsoft releases patches for six zero-day flaws in its latest monthly update, many of them related to security feature bypass issues

• February 09, 2026 09 Feb'26

  As space gets crowded, cyber threats from jamming to stalker satellites loom large

  Experts at the inaugural CYSAT Asia in Singapore warn of the urgency of securing space assets amid growing geopolitical tensions and supply chain vulnerabilities

• February 04, 2026 04 Feb'26

  UK government must get its hands dirty on security, report says

  As the UK government develops its National Cyber Action Plan, a report from the Rusi think tank urges Westminster to take a more interventionist approach

• February 02, 2026 02 Feb'26

  Canva uses 1Password to secure ID during growth phase

  As it underwent a growth spurt in the early 2020s, graphic design platform Canva turned to 1Password to manage identity across its expanding organisation

• February 02, 2026 02 Feb'26

  Interview: Why identity is the nucleus for cyber security

  Amid a wave of market consolidation, Computer Weekly speaks to Keeper Security’s leadership on how identity and access management systems are becoming unified identity platforms capable of securing both human and machine identities

• January 29, 2026 29 Jan'26

  RAMP ransomware forum goes dark in probable FBI sting

  RAMP, an infamous Russian-speaking cyber crime forum, has gone off the air after an apparent US operation

• January 27, 2026 27 Jan'26

  Wave of ShinyHunters vishing attacks spreading fast

  The ShinyHunters hacking collective that caused chaos in 2025 is ramping up a new voice phishing campaign, with several potential victims already identified

• January 23, 2026 23 Jan'26

  US punts renewal of threat data sharing law to September

  US lawmakers have extended the Cybersecurity Information Sharing Act of 2015 for another nine months, buying time to enact a replacement for the legislation.

• January 23, 2026 23 Jan'26

  Singapore debuts world’s first governance framework for agentic AI

  The Infocomm Media Development Authority has released a guide to help enterprises deploy artificial intelligence agents safely and address specific risks such as unauthorised actions and automation bias

• January 21, 2026 21 Jan'26

  UK and China reach out across cyber no-man's land

  London and Beijing have supposedly conducted high-level talks seeking to establish a joint security forum to help de-escalate potential cyber flashpoints, according to reports

• January 15, 2026 15 Jan'26

  Cyber body ISC2 signs on as UK software security ambassador

  Professional cyber association ISC2 pledges support to UK government’s Software Security Ambassador scheme, part of the recently unveiled Cyber Action Plan

• January 13, 2026 13 Jan'26

  Microsoft patches 112 CVEs on first Patch Tuesday of 2026

  January brings a larger-than-of-late Patch Tuesday update out of Redmond, but an uptick in disclosures is often expected at this time of year

• January 13, 2026 13 Jan'26

  ‘Dual-channel’ attacks are the new face of BEC in 2026

  Business email compromise remains a significant threat as cyber fraudsters deploy a more diverse range of tactics against their potential victims, according to a report

• January 12, 2026 12 Jan'26

  Business leaders see AI risks and fraud outpacing ransomware, says WEF

  C-suite executives are more concerned with risks arising from AI vulnerabilities and cyber fraud than ransomware, according to the World Economic Forum

• January 12, 2026 12 Jan'26

  Intersec Dubai highlights why AI has become critical in the race against cyber attackers

  Cigna Healthcare’s Jean Wiles warns that healthcare security teams must act faster without sacrificing accuracy or compliance as threats driven by artificial intelligence scale

• January 09, 2026 09 Jan'26

  Agentic AI requires rethink of cloud security strategy

  Security leaders discuss the rise of agentic AI, warning that autonomous agents operating at machine speed will require organisations to move away from static protection towards behavioural monitoring and automated reasoning

• January 08, 2026 08 Jan'26

  Personal data of thousands stolen in attack on London councils

  The West London council at the centre of a major cyber incident has now started the process of informing residents that their personal data was compromised in the attack

• January 08, 2026 08 Jan'26

  Like it or not, AI will transform cyber strategy in 2026

  Bubble or no bubble, from cyber skills to defensive strategies to governance, risk and compliance, artificial intelligence will remake the cyber world in 2026

• January 05, 2026 05 Jan'26

  UK government to spend £210m on public sector cyber resilience

  The UK government unveils a £120m Cyber Action Plan to help reinforce and promote IT security resilience across the country's public services

• December 29, 2025 29 Dec'25

  Top 10 cyber security stories of 2025

  AI dominated all tech conversations this year, but the concerns of cyber security professionals extend far beyond. From remote work to supply chains, quantum to identity, there were plenty of other topics for the industry to chew over in 2025.

• December 18, 2025 18 Dec'25

  Fortinet vulnerabilities prompt pre-holiday warnings

  Analysts track exploitation of two vulnerabilities disclosed last week by Fortinet

• December 18, 2025 18 Dec'25

  AI safeguards improving, says UK government-backed body

  Inaugural AI Security Institute report claims that safeguards in place to ensure AI models behave as intended seem to be improving

• December 17, 2025 17 Dec'25

  ClickFix attacks that bypass cyber controls on the rise

  NCC’s monthly threat report details the growing prevalence of ClickFix attacks in the wild

• December 08, 2025 08 Dec'25

  NCSC warns of confusion over true nature of AI prompt injection

  Malicious prompt injections to manipulate GenAI large language models are being wrongly compared to classical SQL injection attacks. In reality, prompt injection may be a far worse problem, says the UK’s NCSC

• December 04, 2025 04 Dec'25

  NCC supporting London councils gripped by cyber attacks

  Three west London councils hit by a cyber attack continue to investigate as services remain disrupted nearly two weeks on

• December 03, 2025 03 Dec'25

  UK government pledges to rewrite Computer Misuse Act

  Campaigners celebrate as security minister Dan Jarvis commits to amending the outdated Computer Misuse Act to protect security professionals from prosecution

• December 03, 2025 03 Dec'25

  UK national security strategy failing to account for online world

  The UK government’s national security strategy is falling short on online matters, according to the independent reviewer of terrorism

• December 03, 2025 03 Dec'25

  Post Office avoids £1m fine over botched website upgrade data breach

  The Information Commissioner’s Office considered fining the Post Office £1m for a 2024 data breach that let subpostmasters down again

• December 03, 2025 03 Dec'25

  Women in Cybersecurity Middle East marks five years of impact at Black Hat MEA

  As AI reshapes the regional cyber security landscape, diversity and skills development remain at the heart of building a resilient digital workforce

• November 26, 2025 26 Nov'25

  US breach reinforces need to plug third-party security weaknesses

  Cyber breach at US financial sector tech provider highlights the risk of third-party vulnerabilities in finance ecosystems

• November 20, 2025 20 Nov'25

  UK targets ‘bulletproof’ services that hosted ransomware gangs

  The UK’s NCA and partners have cracked down on ‘bulletproof’ services that hosted cyber criminal infrastructure

• November 19, 2025 19 Nov'25

  EU sets out plans to cut red tape on digital

  Changes have been proposed to simplify AI Act compliance for smaller businesses, easier cyber security reporting and tweaks to GDPR

• November 19, 2025 19 Nov'25

  UAE to launch first space-to-ground quantum communication network

  Technology Innovation Institute and Space42 unveil a collaboration at the Dubai Airshow to deliver the UAE’s first space-enabled quantum communication network, strengthening national cyber resilience and advancing sovereign leadership in ...

• November 18, 2025 18 Nov'25

  Ransomware resilience may be improving in the health sector

  A Sophos report on ransomware highlights resilience improvements among healthcare organisations but warns that the wider threat is still live and growing

• November 18, 2025 18 Nov'25

  Fintech leaders call for united front against AI-driven cyber crime

  As AI makes financial scams more personalised and convincing, fintech experts have called for deeper collaboration and the use of behavioural analytics and other technologies to protect consumers

• November 12, 2025 12 Nov'25

  US cyber intel sharing law set for temporary extension

  The CISA 2015 cyber intelligence sharing law, which lapsed just over a month ago amid a wider shutdown, will receive a temporary lease of life should attempts to reopen the federal government succeed

• November 12, 2025 12 Nov'25

  Microsoft users warned over privilege elevation flaw

  An elevation of privilege vulnerability in Windows Kernel tops the list of issues to address in the latest monthly Patch Tuesday update

• November 07, 2025 07 Nov'25

  How Palo Alto Networks is leveraging AI

  Palo Alto Networks CIO Meerah Rajavel explains how the company is using AI to sieve through 90 billion security events a day, and why security and user experience are two sides of the same coin

• November 05, 2025 05 Nov'25

  Darktrace: Developer tools under constant attack

  Attackers are using automated tools to target development environments within seconds of them going live, warns Darktrace’s global field chief information security officer

• November 05, 2025 05 Nov'25

  Dutch boardroom cyber security knowledge gap exposed

  Cyber security governance professor warns that executives lack the capability to assess cyber threats in implementation approaches