News

Security policy and user awareness

• June 12, 2026 12 Jun'26

  Strict sovereign AI policies could cost APAC economies billions

  Oxford Economics report reveals that pursuing total AI self-sufficiency will lead to economic trade-offs, delayed enterprise adoption and higher carbon footprints across the Asia-Pacific region

• June 11, 2026 11 Jun'26

  Established enterprise patching models dead in the water, says report

  Vulnerability discovery and exploitation was surging dramatically even before Anthropic decided to unleash its frontier Mythos model. As such, an Action1 report finds old approaches to patching are no longer fit for purpose

• June 11, 2026 11 Jun'26

  Google Cloud unpacks governance challenges of AI agents

  With AI agents poised to act as digital co-workers, Google Cloud’s Michael Gerstenhaber argues that IT leaders must rethink identity management, security and observability to build trust in the technology

• June 09, 2026 09 Jun'26

  Microsoft smashes record for biggest ever Patch Tuesday update

  Microsoft has obliterated the record for the largest ever Patch Tuesday drop, with its June 2026 update addressing approximately 200 flaws and three zero-days

• June 08, 2026 08 Jun'26

  Infosecurity Europe 2026: AI turbo-charging cyber crime and response

  AI is accelerating cyber attacks by criminals and hostile states, with attackers faster, more persistent and increasingly collaborative, say experts speaking at Infosecurity Europe 2026

• June 02, 2026 02 Jun'26

  Scottish residents granted permission for group action against Capita

  People of Scotland given the go-ahead on group proceedings regarding the 2023 Capita cyber breach, in which the personal information of millions of people was stolen from Capita systems after a major cyber attack

• May 29, 2026 29 May'26

  Microsoft hits out over irresponsible vulnerability disclosure

  Microsoft goes on the offensive after a disgruntled security researcher unleashed a series of zero-days without checking in first

• May 27, 2026 27 May'26

  Scottish social enterprise supports national cyber efforts

  Cyber and Fraud Centre has supported community cyber resilience in Scotland to the tune of £3m in its first year operating as a social enterprise

• May 27, 2026 27 May'26

  The Gentlemen emerging as key ransomware player

  An emerging ransomware crew known as The Gentlemen is becoming a force to be reckoned with, according to NCC’s latest monthly threat data

• May 25, 2026 25 May'26

  AI safety cannot wait for a ‘Chernobyl moment’, experts warn

  As AI becomes increasingly capable, tech leaders at Singapore’s ATxSummit urge governments and industry to build safety and accountability into AI systems before a major disaster strikes

• May 19, 2026 19 May'26

  Government digital ID launch was a fiasco, report finds

  Back-to-front policy and a rushed launch destroyed public confidence, as Home Affairs Committee is sceptical government has capacity to implement the digital ID programme

• May 19, 2026 19 May'26

  Vulnerability exploitation now primary origin of data breaches

  Verizon’s annual cyber report reveals a major change in how data breaches originate, highlighting the impact of artificial intelligence

• May 14, 2026 14 May'26

  BlackBerry doubles down on secure communications

  Having sold its Cylance endpoint security portfolio to Arctic Wolf, the former smartphone pioneer is doubling down on military-grade encryption and post-quantum cryptography to shield critical infrastructure from AI-driven threats

• May 13, 2026 13 May'26

  Computer Misuse Act reform to move forward in National Security Bill

  Reform of the Computer Misuse Act is to be folded into a wider National Security Bill granting more powers for law enforcement to protect the UK against a wider spectrum of threats

• May 13, 2026 13 May'26

  AI threats push Middle East CISOs towards identity-first security

  Deepfakes and shadow AI have rendered the traditional security playbook obsolete, prompting cyber leaders to shift towards resilience-first defences

• May 12, 2026 12 May'26

  Microsoft releases rare zero-day free Patch Tuesday update

  No zero-day flaws were addressed in May’s Patch Tuesday update but as usual there is much for admins to chew over in the coming days

• May 12, 2026 12 May'26

  UAE launches sovereign AI-driven Cyber Factory security initiative

  UAE Cyber Security Council and CPX unveil national cyber manufacturing initiative aimed at strengthening digital sovereignty, AI-powered defence and critical infrastructure resilience

• May 11, 2026 11 May'26

  UK government renews calls to sign Cyber Resilience Pledge

  Westminster renews calls for business leaders to sign up to its yet-to-be-launched Cyber Resilience Pledge, and highlights growth, and challenges, for the UK’s cyber economy

• May 11, 2026 11 May'26

  The Netherlands leads in quantum technology but lags on quantum security

  The Dutch government has invested €615m to build a world-class quantum technology ecosystem, but many institutions have not started any quantum-specific preparations to protect themselves against the security threat

• May 08, 2026 08 May'26

  ESET: Don’t fear the ‘AI Terminator’, but prepare for agent risks

  While fully autonomous hacking bots remain a distant reality, an ESET expert warns that AI is quietly supercharging phishing schemes and creating new vulnerabilities inside organisations

• May 06, 2026 06 May'26

  UK financial security experts participate in sector-wide hackathon

  Teams of security pros from UK financial services organisations came together at the end of April to participate in a hackathon exercise

• May 05, 2026 05 May'26

  CSA: Take AI cyber threats to the boardroom

  Current cyber risk assumptions may no longer be valid given the speed of advanced AI, warns the chief executive of Singapore’s Cyber Security Agency

• May 04, 2026 04 May'26

  UK’s NCSC warns of ‘wave of patches’

  Vulnerability discovery and mitigation continues to exercise the top minds at Britain’s NCSC as cyber experts continue to debate the impact of frontier AI models such as Mythos

• April 30, 2026 30 Apr'26

  Almost half of UK businesses hit by cyber attacks

  The government’s annual cyber security report reveals UK businesses are still struggling with the impact of attacks and breaches

• April 28, 2026 28 Apr'26

  Vect ransomware actually destructive wiper malware

  Analysis of a form of ransomware called Vect has uncovered a serious flaw that breaks its core functionality and turns it from a locker to a wiper

• April 26, 2026 26 Apr'26

  Black Hat Asia: Privacy and cyber security are inseparable

  The separation of privacy and security is no longer tenable in a world where exposed personal data is increasingly the entry point for major cyber incidents, delegates at Black Hat Asia 2026 were told

• April 22, 2026 22 Apr'26

  A tsunami of flaws: When frontier AI and Patch Tuesday collide

  Microsoft’s April Patch Tuesday drop was the second-largest in history, falling just shy of an October 2025 record. What is behind the spike in vulnerability disclosures, and is there a connection to Anthropic’s bug-hunting Claude Mythos AI model?

• April 17, 2026 17 Apr'26

  Surging CVE disclosures force NIST to shake up workflows

  NIST announces big changes to the way it categorises and manages CVEs, which are set to have a big impact on how organisations manage patching and remediation

• April 16, 2026 16 Apr'26

  CyberUK 2026: UK lagging on legal protections for cyber pros

  Ahead of next week’s CyberUK conference, the CyberUp Campaign for reform of the UK’s hacking laws urges the government to keep focus and proposes a four-pillar framework that would protect cyber professionals from prosecution

• April 15, 2026 15 Apr'26

  UK businesses must face up to AI threat, says government

  Technology secretary Liz Kendall urges Britain’s business community to sit up and pay attention to emerging AI threats, following the debut of Anthropic’s new frontier model, Mythos

• April 09, 2026 09 Apr'26

  Singapore Cyber Security Agency chief: Cyber stability a necessity, not a luxury

  With state-linked attacks rising and international rules unravelling, Singapore’s cyber security commissioner calls for global cooperation to prevent catastrophic conflict in cyber space

• April 02, 2026 02 Apr'26

  How ‘Wikipedia of cyber’ helps SAP make sense of threat data

  SAP runs enormous cloud environments for some of the world’s most heavily-regulated organisations, and in the hyperscale era, data security and compliance were becoming big challenges. It turned to cutting-edge agentic tools from Uptycs to cut ...

• April 02, 2026 02 Apr'26

  NCSC warns high-risk individuals of Signal and WhatsApp social engineering attacks

  NCSC advises on countermeasures for high-risk individuals over phishing attacks on encrypted messaging services, such as Signal, WhatsApp and Facebook Messenger

• March 31, 2026 31 Mar'26

  Shrinking PQC timeline highlights immediate risk to data security

  Google’s decision to move up its timeline for migration to post-quantum cryptography highlights that some of the cyber security risks posed by quantum computing are already reality

• March 25, 2026 25 Mar'26

  US government launches Bureau of Emerging Threats

  The US’ Bureau of Emerging Threats sits within the State Department and will supposedly help address national security threats arising from cyber attacks, the weaponisation of space and other emerging technologies

• March 25, 2026 25 Mar'26

  Google targets 2029 for post-quantum cyber readiness

  Google sets out a timeline for its migration to post-quantum cryptography, saying it will complete its migration before the end of the 2020s

• March 25, 2026 25 Mar'26

  Why AI agents are one prompt away from ransomware

  As AI adoption advances beyond chatbots, security leaders are up against rogue AI agents mirroring threat actors and a generational skills gap as security operations teams become overly dependent on AI

• March 24, 2026 24 Mar'26

  Cyber pros must grasp the vibe coding nettle, says NCSC chief

  At RSA in San Francisco, NCSC chief exec Richard Horne says security professionals have an opportunity and a responsibility to get in front of the security issues raised by the popularity of ‘vibe coding’

• March 24, 2026 24 Mar'26

  US government bans imported routers, raising tough questions

  The US communications regulator has enacted a ban on all router hardware made outside America citing security concerns, but experts say the move may risk creating more issues than it solves

• March 23, 2026 23 Mar'26

  Irish government launches CNI resilience plan

  Ireland’s National Strategy on the Resilience of Critical Entities sets out a pathway to improved cyber resilience for the nation’s critical infrastructure, and establishes compliance with an EU directive

• March 20, 2026 20 Mar'26

  UK Cyber Monitoring Centre plans expansion in US amid risk of Category 5 attack

  Organisations lulled into a false sense of security after Russian invasion of Ukraine are still at risk of a Category 5 attack in 2026

• March 19, 2026 19 Mar'26

  Cisa tells US organisations to harden endpoint management after Stryker attack

  Last week’s cyber attack on the systems of a US medical services company by Iranian hacktivists has prompted an alert from Cisa, urging organisations to reinforce their defensive posture

• March 19, 2026 19 Mar'26

  Gartner: Ditch ‘big transformation’ cyber strategies for continuous improvement

  As artificial intelligence reshapes the enterprise, CISOs must abandon risky big bang security transformation initiatives in favour of incremental changes to build cyber resilience

• March 19, 2026 19 Mar'26

  Apple issues first Background patch for WebKit browser flaw

  Apple’s first ever Background Security Update fixes a WebKit browser engine bug that could enable threat actors to see and steal important data from their victims

• March 17, 2026 17 Mar'26

  Digital IDs edge closer to practical reality for UK businesses

  Industries and policymakers are strongly aligned on the need for digital company IDs for UK businesses, as progress is made towards the implementation of a practical standard

• March 11, 2026 11 Mar'26

  Cyber industry welcomes women, but challenges persist

  Three-quarters of women working in security say they feel comfortable in the field, but women are still much more likely to be laid off and face persistent challenges around career advancement, according to a report

• March 11, 2026 11 Mar'26

  Welsh government boosts funding for cyber education

  The Welsh government’s Tech Valleys programme is providing three-quarters of a million pounds to help reach thousands of primary school children with security education and careers guidance

• March 10, 2026 10 Mar'26

  Microsoft patches zero-days in .NET and SQL Server

  Zero-days in .NET and SQL Server, and a handful of critical RCE bugs, form the nucleus of Microsoft’s March Patch Tuesday update

• March 10, 2026 10 Mar'26

  WA auditor general flags weak Microsoft 365 security controls across state entities

  Western Australia’s Office of the Auditor General has uncovered weaknesses in M365 configurations across seven government agencies, leading to compromised accounts and data breaches

• March 09, 2026 09 Mar'26

  UK to launch cyber fraud squad in April

  The UK’s Online Crime Centre, launching next month, will bring together government, police, intelligence agencies, banks, mobile networks and tech firms to take coordinated action against cyber fraud