443 articles · Page 3 of 23
Awareness went up. Risk assessments went down. Continuity plans dropped 9 points. If concern was a control, the survey numbers would look very different.
Read more →
A fake Teams installer is dropping backdoors globally. A third-party analytics vendor handed ShinyHunters 119,000 email addresses. And UK romance fraud hit £102M last year. Three stories, one briefing.
Read more →
Phishing caused 69% of the most disruptive breaches. 51% of victims were hit by phishing alone. The fight has moved from inboxes to identity controls.
Read more →
cPanel is on CISA's active exploit list. MOVEit has a new authentication bypass. Your cheap router may already be compromised. Here is what matters today.
Read more →
Three high-impact threats landed simultaneously on 4th May 2026. If your business uses MOVEit, runs Linux servers, or has developers using Python, read this now.
Read more →
43% of UK businesses breached. Risk assessments down. Continuity plans down. The government's data says small businesses are sliding backwards.
Read more →
CISA confirmed active exploitation of a Linux root access flaw this week. If your business runs Linux anywhere, including on a NAS or cloud VM, read this now.
Read more →
Unauthenticated attackers can upload malware or log in as your site admin right now. Two critical WordPress flaws. No patch excuses.
Read more →
The cyber front line is already here. CyberUK 2026 made that official. Small businesses need to act before procurement does.
Read more →
44,000 hosting control panels confirmed compromised. A WordPress plugin is handing out admin access to anyone who asks. This week's threats are not theoretical.
Read more →
A supply chain attack on open-source security tooling and a Linux privilege escalation exploit with working code in the wild. Two threats. One uncomfortable Friday.
Read more →
A critical cPanel flaw is being actively exploited with ransomware already reported. TeamPCP is poisoning open-source security tools. The NCSC says a patch wave is coming. Today is not a quiet day.
Read more →
The JLR attack cost £1.9 billion. Suppliers six tiers down the chain had no say in JLR's security decisions. They paid anyway. Here is the full story.
Read more →
Public exploit code for a Linux root access flaw has defenders scrambling. If your business runs Linux anywhere, this is not a drill.
Read more →
A critical cPanel authentication bypass has been exploited since February. A new Linux root exploit dropped today. And 43% of UK businesses were compromised last year. Pick your priority.
Read more →
The Pledge launches this summer. Certification takes four to six weeks. Here is the exact process, with costs, timelines, and the steps your IT provider should handle.
Read more →
This week's threat brief covers a critical cPanel auth bypass requiring emergency patching, ClickFix phishing campaigns stealing credentials via PowerShell, and VECT ransomware that wipes files it cannot encrypt.
Read more →
I was in the room when the Cyber Resilience Pledge was announced. The speeches were confident. The corridor conversations afterwards were not.
Read more →
Russian state hackers are in your Windows machine without a click. Five router flaws scored 9.8 overnight. This week's threat brief cuts through the noise.
Read more →
Three active campaigns converge on UK small businesses this week: voice-driven extortion, poisoned developer packages, and OAuth phishing that bypasses MFA. Here is what they are not telling you.
Read more →