Black Arrow Cyber Threat Intelligence Briefing 05 December 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Executive Summary
Recent high profile cyber incidents have highlighted how organisations need to address the risks presented by their third parties, including their managed service provider (MSP), and this week’s review of threat intelligence highlights two impactful examples. We discuss other business risks identified from our review, including the long term tactics of attackers and the malicious use of AI.
These illustrate the need for business leaders to upskill themselves on their cyber literacy, to ask the appropriate challenging questions on the risks to their business. It is important that the upskilling should be from an impartial source, not from a control provider such as the MSP, in order to achieve a broad and objective perspective.
Our review also shows the need for the leadership team to have meaningful conversations with their CISO, and to provide the appropriate support and challenge. Contact us to discuss how we support business leaders and decision makers to understand and manage their cyber risks in a proportionate manner.
Top Cyber Stories of the Last Week
Are MSPs the Weakest Link in Your Security Chain?
A series of incidents affecting Jaguar Land Rover, the Coop Group and Marks and Spencer were linked to compromises at a managed service provider (MSP) where attackers used simple social engineering to obtain helpdesk access. The article notes regulator fines of £14m against a large outsourcer (Capita) and estimates that related breaches could cost close to £2bn, underlining MSPs as high concentration risks.
Source: https://www.techmonitor.ai/technology/cybersecurity/msps-cybersecurity-risk
Marquis Data Breach Impacts Over 74 US Banks, Credit Unions
A ransomware attack on Marquis Software Solutions shows how a breach at a single service provider can affect many financial institutions. The incident exposed data belonging to more than 74 banks and credit unions and over 400,000 individuals. Attackers exploited a SonicWall firewall to steal names, contact details, Social Security numbers and financial account information.
Source: https://www.bleepingcomputer.com/news/security/marquis-data-breach-impacts-over-74-us-banks-credit-unions/
Stealthy Browser Extensions Waited Years Before Infecting 4.3M Chrome, Edge Users With Backdoors and Spyware
A long running campaign by attackers called ‘ShadyPanda’ used legitimate looking Chrome and Edge extensions to build a large user base before adding malicious updates. More than 4.3 million users were affected and several extensions remained available in official stores. The extensions included backdoors, surveillance tools and remote code execution, demonstrating the risk of trusted browser add-ons.
Source: https://www.theregister.com/2025/12/01/chrome_edge_malicious_browser_extensions/
How Financial Institutions Can Future-Proof Their Security Against a New Breed of Cyber Attackers
Financial institutions face increasingly organised adversaries supported by AI, initial access brokers who gain entry to victim organisations, and complex supply chains. Digital footprints have expanded and identity controls remain a common weakness. The article sets out the need for continuous external attack surface monitoring, AI governance, stronger authentication and closer coordination between cyber security, fraud teams and business leaders.
Source: https://securityboulevard.com/2025/12/how-financial-institutions-can-future-proof-their-security-against-a-new-breed-of-cyber-attackers/
Malicious LLMs Empower Inexperienced Hackers With Advanced Tools
Researchers tested large language models (LLMs) used by attackers such as WormGPT 4 and KawaiiGPT, and found they reliably generate working ransomware scripts, lateral movement tooling and polished phishing emails. WormGPT 4 is sold for $50 a month or a $220 lifetime fee, while free KawaiiGPT helps automate phishing and scripting. These LLMs enable inexperienced attackers by generating functional malware and phishing content.
Source: https://www.bleepingcomputer.com/news/security/malicious-llms-empower-inexperienced-hackers-with-advanced-tools/
Companies Fear State Attacks More as Threat Landscape Evolves
Research shows most UK and US cyber security managers are worried about state sponsored attacks, with 23% citing inadequate preparedness for geopolitical escalation as their top concern. Respondents point to rising activity from Russia, Iran, North Korea and China, and 33% believe government support is insufficient. Many fear data loss, reputational harm and supply chain disruption, but 74% are investing in resilience measures.
Source: https://www.infosecurity-magazine.com/news/companies-fear-state-attacks-more/
Spear Phishing Is North Korean Hackers’ Top Tactic: How To Stay Safe
Analysis of recent incidents shows North Korea’s Lazarus Group continues to rely on targeted spear phishing, often using job approaches or academic invitations to gain access to finance, crypto, defence and IT organisations. Lazarus appeared in 31 reports this year, the highest among North Korean groups. The article highlights the need for vigilance, MFA and stronger controls to reduce account compromise.
Source: https://cointelegraph.com/news/spear-phishing-north-korean-hackers-top-tactic-how-to-stay-safe
CISOs, CIOs and Boards: Bridging the Cyber Security Confidence Gap
Survey data shows most board members lack confidence in decisions on cyber investment and struggle to connect technical performance with business outcomes. Security leaders are encouraged to translate blocked threats into avoided financial impact, communicate in risk terms rather than technical language, and demonstrate how identity and resilience measures directly support business goals.
Source: https://securityboulevard.com/2025/12/cisos-cios-and-boards-bridging-the-cybersecurity-confidence-gap/
Disinformation and Cyber Threats Expand Globally
A World Economic Forum survey of 11,000 executives across 116 economies shows cyber insecurity and the adverse outcomes of AI are emerging as leading risks for major economies. Executives warn that AI is increasing attacker capability in social engineering, reconnaissance and exploit development. Many also fear malicious use of AI tools and attacks such as data poisoning.
Source: https://www.infosecurity-magazine.com/news/disinformation-cyberthreats-global/
Cyber Attacks Among Biggest Risks to Financial Stability, Bank Chief Warns
The Bank of England reports cyber attacks are now among the most significant risks to UK financial stability, with firms increasingly citing them alongside geopolitical and economic pressures. The Bank of England’s Governor warns that disruption to digital services or payments could quickly erode confidence in the financial system. Firms are urged to strengthen resilience as dependency on digital infrastructure grows.
Source: https://www.independent.co.uk/news/uk/politics/bank-of-england-jaguar-land-rover-spencer-andrew-bailey-b2876526.html
NATO May Get 'More Aggressive' in Countering Russia’s Hybrid Attacks, Top Military Official Says
NATO is considering more proactive responses to Russian hybrid operations following cyber activity and infrastructure interference across Europe. Its Military Committee chair notes that certain offensive cyber measures may be justified as defensive action. Recent patrols over seabed cables under Baltic Sentry exercises have reduced incidents of damage to the cables, showing how visible deterrence can help counter covert disruption.
Source: https://kyivindependent.com/nato-may-get-more-aggressive-in-countering-russias-hybrid-attacks-top-military-official-tells-ft/
Ex Teen Hackers Warn Parents Are Clueless as Children Steal 'Millions'
The UK National Crime Agency’s ‘Cyber Choices programme’ aims to divert young people away from illegal cyber activity and guide them toward safe, legal and productive uses of their technical skills. Referrals now include children as young as seven, with the average age at 15. Many cases relate to gaming communities and capability development among 10- to 16-year-olds, and former crypto hackers warn that teenagers are making millions from online crime unnoticed by parents or schools.
Source: https://news.sky.com/story/children-as-young-as-seven-caught-hacking-as-former-cybercriminals-warn-its-mainstream-now-13479365
Governance, Risk and Compliance
Disinformation and Cyber-Threats Top Global Exec Concerns - Infosecurity Magazine
CISOs, CIOs and Boards: Bridging the Cybersecurity Confidence Gap - Security Boulevard
Are MSPs the weakest link in your security chain? - Tech Monitor
Insurer pulls back from cyber market amid rising hacks and price war
How headlines can drive change in cyber security | Computer Weekly
12 signs the CISO-CIO relationship is broken — and steps to fix it | CSO Online
Every risk matters: How foresight can save firms before disaster hits - The Standard
Why compliance alone can’t keep pace with today’s cyber threats - Tech Monitor
The Great Disconnect: Unmasking the 'Two Separate Conversations' in Security - SecurityWeek
Sleepless in Security: What’s Actually Keeping CISOs Up at Night - Security Boulevard
Criminals turning bank security systems against themselves
ISC2 Study Finds Cybersecurity Budget Constraints Remain, But Do Not Worsen, While Skill Needs Grow
CISOs are questioning what a crisis framework should look like - Help Net Security
Threats
Ransomware, Extortion and Destructive Attacks
SonicWall ransomware attacks offer an M&A lesson for CSOs | CSO Online
Cyber insurers brace for more ransomware as soft market drags on | Insurance Business
Deep dive into DragonForce ransomware and its Scattered Spider connection
Zendesk users targeted by Scattered Lapsus$ Hunters hackers and fake support sites | TechRadar
Global ransomware threat rises as soft market persists :: Insurance Day
The Ransomware Holiday Bind: Burnout or Be Vulnerable
Ransomware Moves: Supply Chain Hits, Credential Harvesting
UK Ransomware Payment Ban to Come with Exemptions - Infosecurity Magazine
How a noisy ransomware intrusion exposed a long-term espionage foothold - Help Net Security
Ransomware Victims
Researcher tricks Claude into deploying MedusaLocker ransomware: Exclusive
Weaponizing Claude Skills with MedusaLocker | Cato Networks
E-tailer resumes sales 45 days after ransomware attack • The Register
UPenn joins long list of Clop victims after Oracle EBS raid • The Register
ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm
Phishing & Email Based Attacks
Threat Actors Exploit Calendar Subscriptions for Phishing and Malware - Infosecurity Magazine
North Korea Lazarus Group Tops Cyber Threats with Spear Phishing Attacks
New GhostFrame Phishing Framework Hits Over One Million Attacks - Infosecurity Magazine
Fake Calendly invites spoof top brands to hijack ad manager accounts
How Threat Actors Engineer Attacks to Evade Email Security US | Proofpoint US
SMS Phishers Pivot to Points, Taxes, Fake Retailers – Krebs on Security
Reporters Without Borders Targeted by Russian Hackers - SecurityWeek
Other Social Engineering
Fake Calendly invites spoof top brands to hijack ad manager accounts
SMS Phishers Pivot to Points, Taxes, Fake Retailers – Krebs on Security
North Korea lures engineers to rent identities in fake IT worker scheme
Researchers Capture Lazarus APT's Remote-Worker Scheme Live on Camera
Fraud, Scams and Financial Crime
How Southeast Asia Became the Scam Capital of the World – The Diplomat
Fake AI-generated shops, ads are flourishing on Facebook | Mashable
Upbit Confirms $37 Million Solana Hack, Pledges Full Customer Reimbursement
Artificial Intelligence
Researcher tricks Claude into deploying MedusaLocker ransomware: Exclusive
AI 2030: The Coming Era of Autonomous Cyber Crime | MSSP Alert
Malicious LLMs empower inexperienced hackers with advanced tools
Weaponized AI Is Changing The Vulnerability Management Game. Now What?
Fake AI-generated shops, ads are flourishing on Facebook | Mashable
Microsoft Issues Warning To Windows 11 Users - This AI Feature Can Install Viruses
Attackers keep finding new ways to fool AI - Help Net Security
Critical PickleScan Vulnerabilities Expose AI Model Supply Chains - Infosecurity Magazine
Japan issues arrest warrant against teen suspected of cyberattack using AI
ChatGPT went down worldwide, conversations dissapeared for users
AML/CFT/Money Laundering/Terrorist Financing/Sanctions
Europol Takes Down Illegal Cryptocurrency Mixing Service - Infosecurity Magazine
Malware
Browser extensions pushed malware to 4.3M Chrome, Edge users • The Register
Threat Actors Exploit Calendar Subscriptions for Phishing and Malware - Infosecurity Magazine
Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors - SecurityWeek
“Sleeper” browser extensions woke up as spyware on 4 million devices | Malwarebytes
Newly discovered malicious extensions could be lurking in enterprise browsers | CSO Online
Microsoft Issues Warning To Windows 11 Users - This AI Feature Can Install Viruses
Dead Man's Switch - Widespread npm Supply Chain Attack Driving Malware Attacks
Contagious Interview campaign expands with 197 npm Ppackages spreading new OtterCookie malware
Glassworm malware returns in third wave of malicious VS Code packages
Iran's 'MuddyWater' Levels Up With MuddyViper Backdoor
The most prominent infostealers and how businesses can protect against them | IT Pro
Bots/Botnets
Record 29.7 Tbps DDoS Attack Linked to AISURU Botnet with up to 4 Million Infected Hosts
Why the Record-Breaking 30 Tbps DDoS Attack Should Concern Every Business | Fortra
Mobile
New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control
Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild
Two Android 0-day bugs patched, plus 105 more fixes • The Register
A new Android malware sneakily wipes your bank account
Predator spyware uses new infection vector for zero-click attacks
CISA Issues Alert on Cyber Threat Actors Spyware Use
Google's new Android 16 upgrades make a strong case for sticking with Pixel or Samsung | ZDNET
India ready to change state-run security app order after outcry | The Straits Times
Israel’s IDF Bans Android Phones—iPhones Now ‘Mandatory’
Feds Warn iPhone And Android Users—Stop Using Your VPN
Denial of Service/DoS/DDoS
Record 29.7 Tbps DDoS Attack Linked to AISURU Botnet with up to 4 Million Infected Hosts
Why the Record-Breaking 30 Tbps DDoS Attack Should Concern Every Business | Fortra
Criminals turning bank security systems against themselves
Internet of Things – IoT
Hundreds of Porsche Owners in Russia Unable to Start Cars After System Failure - The Moscow Times
Four arrested in South Korea over IP camera spying spree • The Register
You've Heard About Smart Home Hacking: Here's How It Works and How Likely It Is - CNET
Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison
Data Breaches/Leaks
Marquis data breach impacts over 74 US banks, credit unions
London cyber attack latest as council confirms some data 'copied and taken away' - My London
OpenAI Confirms Data Breach—Here's Who Is Impacted - Decrypt
Security Leaders Discuss SitusAMC Cyberattack | Security Magazine
Post Office Escapes £1m Fine After Postmaster Data Breach - Infosecurity Magazine
Brsk confirms breach as bidding begins for 230K+ records • The Register
FBI Veteran Says Chinese Cyberattack Monitored Every American Citizen's Movements for Five Years
Attackers stole member data from French Soccer Federation
South Korea's Coupang admits breach exposed 33.7M users • The Register
ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm
OBR drags in cyber bigwig after Budget leak blunder • The Register
Hackers Allegedly Claim Breach of Mercedes-Benz USA Legal and Customer Data
OBR chief Richard Hughes resigns after budget leak investigation | Politics News | Sky News
Organised Crime & Criminal Actors
AI 2030: The Coming Era of Autonomous Cyber Crime | MSSP Alert
Malicious LLMs empower inexperienced hackers with advanced tools
How Southeast Asia Became the Scam Capital of the World – The Diplomat
Global law enforcement actions put pressure on cybercrime networks - Help Net Security
Cybercrime Goes SaaS: Renting Tools, Access, and Infrastructure
Japan issues arrest warrant against teen suspected of cyberattack using AI
Dutch study finds teen cybercrime is mostly just a phase • The Register
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Law Enforcement shuts down Cryptomixer in major crypto crime takedown
Europol Takes Down Illegal Cryptocurrency Mixing Service - Infosecurity Magazine
Upbit Confirms $37 Million Solana Hack, Pledges Full Customer Reimbursement
North Korea’s Lazarus Group Suspected in $30M Upbit Hack, Raising Security Alarms
Insider Risk and Insider Threats
North Korea lures engineers to rent identities in fake IT worker scheme
Researchers Capture Lazarus APT's Remote-Worker Scheme Live on Camera
When Hackers Wear Suits: Protecting Your Team from Insider Cyber Threats
Insurance
Cyber insurers brace for more ransomware as soft market drags on | Insurance Business
Insurer pulls back from cyber market amid rising hacks and price war
Cyber insurance struggles to keep pace with rising exposures | Insurance Business
Cyber risks are growing but businesses are shunning cover
Supply Chain and Third Parties
Marquis data breach impacts over 74 US banks, credit unions
Are MSPs the weakest link in your security chain? - Tech Monitor
Ransomware Moves: Supply Chain Hits, Credential Harvesting
UPenn joins long list of Clop victims after Oracle EBS raid • The Register
MoD updates cyber security requirements for suppliers | UKAuthority
Software Supply Chain
Dead Man's Switch - Widespread npm Supply Chain Attack Driving Malware Attacks
PostHog admits Shai-Hulud 2.0 was its biggest security scare • The Register
Contagious Interview campaign expands with 197 npm Ppackages spreading new OtterCookie malware
Cloud/SaaS
Cybercrime Goes SaaS: Renting Tools, Access, and Infrastructure
'Exploitation is imminent' of max-severity React bug • The Register
Swiss government bans SaaS and cloud for sensitive info • The Register
How Threat Actors Engineer Attacks to Evade Email Security US | Proofpoint US
Outages
ChatGPT went down worldwide, conversations dissapeared for users
Cloudflare blames outage on emergency React2Shell patch
Encryption
The quantum clock is ticking and businesses are still stuck in prep mode - Help Net Security
Q&A on the next big cyber threat: Post-quantum cryptography | SC Media
Passwords, Credential Stuffing & Brute Force Attacks
Ransomware Moves: Supply Chain Hits, Credential Harvesting
Social Media
Fake AI-generated shops, ads are flourishing on Facebook | Mashable
We have to be able to hold tech platforms accountable for fraud
Meta must rein in scammers — or face consequences | The Verge
Regulations, Fines and Legislation
UK's Cyber Bill should be just one part of a wider effort | Computer Weekly
UK Ransomware Payment Ban to Come with Exemptions - Infosecurity Magazine
US Slashes Pay Incentives at Already Weakened Cyber Agency
Five-page draft Trump administration cyber strategy targeted for January release | CyberScoop
GSMA grapples with cybersecurity rules
Models, Frameworks and Standards
NIS2 proposed to be implemented in Swedish Law by “Cybersecurity Act”
NIS2 in the Baltics: Strengthening Cyber Resilience
Data Protection
Post Office Escapes £1m Fine After Postmaster Data Breach - Infosecurity Magazine
Careers, Working in Cyber and Information Security
ISC2 Study Finds Cybersecurity Budget Constraints Remain, But Do Not Worsen, While Skill Needs Grow
Skills Shortages Trump Headcount as Critical Cyber Challenge - Infosecurity Magazine
Law Enforcement Action and Take Downs
Europol Takes Down Illegal Cryptocurrency Mixing Service - Infosecurity Magazine
Global law enforcement actions put pressure on cybercrime networks - Help Net Security
Hybrid attacks against Europe: Russian hacker detained in Poland - CPD | УНН
Japan issues arrest warrant against teen suspected of cyberattack using AI
Four arrested in South Korea over IP camera spying spree • The Register
Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison
Australian Man Sentenced to Prison for Wi-Fi Attacks at Airports and on Flights - SecurityWeek
Dutch study finds teen cybercrime is mostly just a phase • The Register
Misinformation, Disinformation and Propaganda
Disinformation and Cyber-Threats Top Global Exec Concerns - Infosecurity Magazine
Russia’s information war 2025: disinformation as an operational weapon
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
NATO may get 'more aggressive' in countering Russia’s hybrid attacks, top military official says
Russia’s information war 2025: disinformation as an operational weapon
Offensive cyber power is spreading fast and changing global security - Help Net Security
Most Companies Fear State-Sponsored Cyber-Attacks - Infosecurity Magazine
Hybrid attacks against Europe: Russian hacker detained in Poland - CPD | УНН
How a noisy ransomware intrusion exposed a long-term espionage foothold - Help Net Security
Cyber warfare in space: attacks on space systems rose during Gaza conflict, report finds | Euronews
How much should the UK worry about cyberattacks? | British Politics and Policy at LSE
Nation State Actors
Offensive cyber power is spreading fast and changing global security - Help Net Security
Most Companies Fear State-Sponsored Cyber-Attacks - Infosecurity Magazine
Chinese Front Companies Providing Advanced Steganography Solutions for APT Operations
State-sponsored cyber threat fears surge - CIR Magazine
China
Chinese Front Companies Providing Advanced Steganography Solutions for APT Operations
CISA warns of Chinese "BrickStorm" malware attacks on VMware servers
FBI Veteran Says Chinese Cyberattack Monitored Every American Citizen's Movements for Five Years
State-sponsored cyber threat fears surge - CIR Magazine
China Researches Ways to Disrupt Satellite Internet
Nexperia warns carmakers of factory shutdowns amid Dutch-Chinese row
US Telecoms Reject Regulation as Answer to Chinese Hacking
SMS Phishers Pivot to Points, Taxes, Fake Retailers – Krebs on Security
Russia
NATO may get 'more aggressive' in countering Russia’s hybrid attacks, top military official says
Russia’s information war 2025: disinformation as an operational weapon
Hybrid attacks against Europe: Russian hacker detained in Poland - CPD | УНН
Reporters Without Borders Targeted by Russian Hackers - SecurityWeek
Russia blocks Roblox over distribution of LGBT "propaganda"
SpaceX removes Russian cosmonaut from mission over national security concerns | The Independent
Russia blocks FaceTime and Snapchat for alleged use by terrorists
Hundreds of Porsche Owners in Russia Unable to Start Cars After System Failure - The Moscow Times
Iran
Iran's 'MuddyWater' Levels Up With MuddyViper Backdoor
North Korea
We need to finally take the North Korean threat seriously
North Korea lures engineers to rent identities in fake IT worker scheme
Researchers Capture Lazarus APT's Remote-Worker Scheme Live on Camera
North Korea Lazarus Group Tops Cyber Threats with Spear Phishing Attacks
State-sponsored cyber threat fears surge - CIR Magazine
North Korea Suspected of $30 Million Crypto Hack, Yonhap Says - Bloomberg
North Korean hackers suspected in dozens of cyberattacks over past year
Upbit Confirms $37 Million Solana Hack, Pledges Full Customer Reimbursement
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Pall Mall Process to Define Responsible Commercial Cyber Intrusion - Infosecurity Magazine
Tools and Controls
Are MSPs the weakest link in your security chain? - Tech Monitor
Cyber insurance struggles to keep pace with rising exposures | Insurance Business
ISC2 Study Finds Cybersecurity Budget Constraints Remain, But Do Not Worsen, While Skill Needs Grow
Why compliance alone can’t keep pace with today’s cyber threats - Tech Monitor
How threat intelligence builds shared responsibility in cybersecurity | SC Media
Akamai Study Shows Microsegmentation Boosts Security
Cyber risks are growing but businesses are shunning cover
Key questions CISOs must ask before adopting AI-enabled cyber solutions | CSO Online
Feds Warn iPhone And Android Users—Stop Using Your VPN
CISOs are questioning what a crisis framework should look like - Help Net Security
Other News
Cyber attacks among biggest risks to financial stability, Bank chief warns | The Independent
Police consider corporate manslaughter charges in Post Office scandal - BBC News
How much should the UK worry about cyberattacks? | British Politics and Policy at LSE
UK Warns Small Firms to Boost Cyber Defences Amid Rising Threats | EasternEye
G7 Unveils New Cybersecurity Guidelines
UK national security strategy failing to account for online world | Computer Weekly
Criminals turning bank security systems against themselves
How to build forward-thinking cybersecurity teams for tomorrow | Microsoft Security Blog
North American firms are unprepared for rising risk pressures, HUB warns | Insurance Business
Cybersecurity Through the Telecom Stack: Where Attacks Happen and How to Fight Back
A day in the life of the internet tells a bigger story - Help Net Security
Vulnerability Management
Weaponized AI Is Changing The Vulnerability Management Game. Now What?
Rethinking Vulnerability Management | MSSP Alert
Vulnerabilities
Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation
Microsoft Patched Windows LNK Vulnerability Exploited by Hackers in the Wild as 0-Day
'Exploitation is imminent' of max-severity React bug • The Register
Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild
SonicWall ransomware attacks offer an M&A lesson for CSOs | CSO Online
PoC Exploit Released for Critical Outlook 0-Click Remote Code Execution Vulnerability
Chrome 143 Patches High-Severity Vulnerabilities - SecurityWeek
Critical React, Next.js flaw lets hackers execute code on servers
Critical PickleScan Vulnerabilities Expose AI Model Supply Chains - Infosecurity Magazine
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to external articles are provided for general interest and awareness only. Linking to or reposting external content does not constitute endorsement of or by any organisation, service, or product. We do not control and are not responsible for the content, security, or availability of external websites or links. Full credit is given to the original authors and sources. E&OE.