Black Arrow Cyber Threat Intelligence Briefing 06 March 2026
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Executive Summary
This week, much of the specialist and general media has reported on the security ramifications of the military action in the Middle East, and we have included warnings from European and UK authorities on the need for organisations to heighten their vigilance for cyber security attacks.
In a more general context, we also report on increasing levels of ransomware attacks, especially against smaller organisations and outside of business hours, with attackers focusing on long-term access to victims’ systems. Supply chain risks and unmanaged vulnerabilities also continue to present challenges to be addressed in a cyber security strategy.
AI risks are accumulating, with expected growth in the number of enterprise applications using AI agents. As we reported previously, AI is also enabling attackers to enhance attacks such as social engineering to be more effective against employees.
The variety of established and evolving risks reminds us of the need for business leaders to be regularly updated on the developing threat landscape and to ensure that the risks are prioritised and addressed in a proportionate cyber security strategy that is delivered by your chosen control providers. Contact us for an impartial discussion on how to do this.
Top Cyber Stories of the Last Week
European Police Body Warns Iran Crisis Raises Threat of Terror, Extremism and Cyber Attacks
Europol has warned that the escalating conflict involving Iran is likely to increase security risks across the European Union, including a higher threat of terrorism, organised crime and cyber attacks targeting critical infrastructure such as energy and transport systems. Officials expect more online fraud using artificial intelligence, where criminals use automated tools to create convincing scams and misinformation linked to the conflict. Europol also noted that groups aligned with Iran may attempt destabilising activities including intimidation, terrorist financing and cyber crime. Authorities assess the overall terrorist threat level in the EU as high, with concerns that online content could accelerate radicalisation and inspire lone actors or small cells.
NCSC Warns UK Organisations to Prepare for Potential Iran-Linked Cyber Activity
The UK National Cyber Security Centre has urged organisations to review their cyber security posture following rising tensions involving Iran, the United States and Israel. While there is no confirmed increase in direct threats to the UK, the agency warns there is almost certainly a heightened risk of indirect cyber activity, particularly for organisations with operations or supply chains in the Middle East. Iranian state actors and politically motivated groups have previously targeted sectors including energy, finance and transport. The NCSC advises organisations to strengthen monitoring, maintain software updates, prepare for phishing and service disruption attacks, and review incident response plans to ensure resilience during periods of geopolitical instability.
Ransomware Attacks Soar as Hackers Pivot to Small Businesses
Attackers are increasingly targeting small and medium sized businesses that may lack strong cyber security defences. Chainalysis reports a sharp rise in ransomware activity, with nearly 8,000 public leak events recorded in 2025, a 50% increase on the previous year. Despite this surge, total ransom payments fell 8% to about $820 million as many large organisations refused to pay and law enforcement disrupted criminal money laundering networks. At the same time, the average price for buying access to compromised systems on dark web marketplaces dropped from $1,427 in 2023 to $439 in 2026, lowering the barrier for criminals to launch cyber attacks.
https://invezz.com/news/2026/02/27/ransomware-attacks-soar-as-hackers-pivot-to-small-businesses/
Ransomware Activity Peaks Outside Business Hours
Sophos has reported that ransomware is typically deployed when organisations are least staffed, with 88% of attacks launched outside normal working hours. Identity compromise is now the main route used in cyber attacks, accounting for 67% of initial access across 661 incidents analysed between November 2024 and October 2025 in 70 countries. Attackers commonly use stolen or guessed passwords and phishing emails to gain entry before moving quickly, often in under 4 hours, to the central identity systems that control user access. Data theft followed a similar pattern in 79% of cases, highlighting the need for continuous security monitoring.
https://www.helpnetsecurity.com/2026/02/27/sophos-identity-driven-breaches-report/
Ransomware Groups Switch to Stealthy Attacks and Long-Term Access
Ransomware groups are increasingly shifting from disruptive attacks to quieter, long-term intrusions designed to remain undetected inside corporate networks. Research by Picus Security analysing 1.1 million malicious files found that four in five common attack techniques are now designed to evade security controls and maintain persistent access. Rather than immediately encrypting systems, many attackers focus on stealing sensitive data and threatening to release it publicly to force payment. Encryption based attacks have fallen by 38% over the past year, while more than 7,000 victims were publicly named by ransomware groups, highlighting the growing scale and persistence of the threat.
Most Organisations Unprepared for External Cyber Risks and Supply Chain Disruptions
Zscaler reports that many organisations are overconfident about cyber security resilience because plans still focus mainly on internal systems, not the wider supplier and partner network. In its research, 61% of businesses admit their approach is too inward looking, while 60% suffered a major supplier related disruption in the past year. Yet only 54% have cyber insurance that covers a third-party breach. More than half of IT leaders say current controls are not ready for AI driven cyber attacks, and up to 70% lack visibility of shadow AI (meaning unapproved AI tools used without oversight).
https://petri.com/organizations-unprepared-external-cyber-risks/
High‑Risk Vulnerabilities Surge, Deepening Security Debt for IT Teams
Veracode’s 2026 State of Software Security report highlights a growing gap between the number of software vulnerabilities discovered and the ability of organisations to fix them. Security debt, meaning unresolved security weaknesses in software, now affects 82% of organisations, up from 74%, while 60% face critical long-standing flaws. High risk vulnerabilities have risen by 36%, driven by AI assisted coding and increased reliance on third party software components. Nearly half of applications still contain vulnerabilities more than a year old, underscoring the need for stronger governance and prioritisation of the most serious risks.
https://petri.com/sharp-rise-high-risk-flaws-security-debt/
AI Went from Assistant to Autonomous Actor and Security Never Caught Up
A briefing from the AIUC 1 Consortium warns that as artificial intelligence moves from simple assistants to autonomous systems capable of carrying out business tasks, security oversight has not kept pace. An EY survey found that 64% of companies with annual turnover above $1 billion have lost more than $1 million due to AI failures, while one in five reported a breach linked to unauthorised use of AI tools by staff. Many organisations lack visibility into how AI systems access data or systems, increasing the risk of sensitive information exposure and operational disruption if these tools act incorrectly or without proper controls.
https://www.helpnetsecurity.com/2026/03/03/enterprise-ai-agent-security-2026/
Why Enterprise AI Agents Could Become the Ultimate Insider Threat
Generative AI tools are rapidly evolving from simple assistants into autonomous agents that can launch other agents, access systems and even authorise transactions. Security researchers warn this could create a new form of insider threat if poorly controlled. CyberArk reports that machine identities already outnumber human ones by 82 to 1, while Gartner expects more than 40% of enterprise applications to use AI agents by 2026. Yet governance remains limited, highlighting the growing cyber security challenge as these tools gain greater access to corporate systems.
https://www.zdnet.com/article/enterprise-ai-agents-insider-threat/
AI Raises the Cybersecurity Stakes — But People Still Open the Door
Artificial intelligence is lowering the barrier for cyber criminals, enabling them to produce convincing phishing emails, cloned voice calls and highly targeted scams far more quickly. These tactics, known as social engineering, manipulate people through urgency, authority or confusion rather than breaking technical defences. While organisations are investing heavily in AI security tools, many successful cyber attacks still begin with human interaction. The key defence therefore lies in building strong security awareness and judgement across the workforce. Encouraging staff to pause, question unusual requests and report concerns can significantly reduce the risk of deception led cyber attacks.
https://www.infosecurity-magazine.com/opinions/ai-cybersecurity-people-open-door/
Hackers Are Turning to Easy, Fast AI Solutions to Roll Out Attacks – So How Can Your Business Stay Safe?
HP Wolf Security found that 14% of malicious emails bypassed at least one email security filter, as cyber criminals increasingly use generative AI to launch cyber attacks more quickly and at lower cost. Rather than creating highly sophisticated attacks, many criminals prioritise speed and scale, using readily available tools to produce convincing emails, fake invoices and malicious software installers. Despite their basic nature, these attacks remain effective. Common delivery methods included executable files accounting for 37% of attacks, ZIP files at 11% and Word documents at 10%, highlighting the continued effectiveness of simple tactics.
New AirSnitch Attack Bypasses Wi-Fi Encryption in Homes, Offices, and Enterprises
Researchers have uncovered “AirSnitch”, a new Wi-Fi attack that can bypass the client isolation feature many routers use to keep connected devices separated, including on guest networks. It affects a wide range of home and enterprise equipment and could enable a machine-in-the-middle cyber attack where an intruder intercepts and potentially alters data in transit. The risk is highest where internet traffic is not fully encrypted, as attackers could steal passwords, session cookies, and payment details. Some vendors have issued updates, but parts of the issue may require longer term hardware changes.
Employees Install Pirate Software Despite Malware Risks
Barracuda reports that employees are still attempting to install pirated or cracked software on company devices, despite the significant cyber security risks. Such software is often modified to include hidden malware that can steal login details, install ransomware, hijack user sessions or run cryptomining programs that misuse company systems. Because pirated software cannot receive legitimate security updates, vulnerabilities remain unpatched. Barracuda warns that organisations should strengthen security controls, restrict installation permissions and improve employee awareness to reduce the risk of a cyber attack.
https://betanews.com/article/employees-install-pirate-software-despite-malware-risks/
Governance, Risk and Compliance
Four Risks Boards Cannot Treat as Background Noise - SecurityWeek
AI risk moves into the security budget spotlight - Help Net Security
Cyber incidents remain the primary challenge facing UK businesses
The CISO role keeps getting heavier - Help Net Security
Executive data can become the weak link in the cybersecurity chain - BetaNews
Cyber resilience tunnel vision is leaving enterprises open to external threats | IT Pro
Threats
Ransomware, Extortion and Destructive Attacks
Ransomware groups switch to stealthy attacks and long-term access | CSO Online
Ransomware: As Infostealers Bite, Prevention Beats Recovery
Ransomware activity peaks outside business hours - Help Net Security
Ransomware attacks soar as hackers pivot to small businesses - Invezz
Scattered Lapsus$ Hunters seeks women to defraud helpdesks • The Register
Double whammy: Steaelite RAT bundles data theft, ransomware • The Register
Notorious ransomware gang allegedly blackmailed by fake FSB officer
Bitcoin Still Fuels Ransomware Economy in 2025
Ransomware Attacks Rose 50% in 2025 According to Chainalysis Report
Ransomware groups claim record number of victims in 2025 - CIR Magazine
Ransomware Payments Decline 8% as Attacks Surge 50% - Infosecurity Magazine
Ransomware Victims
Conduent Data Breach - Largest Data Breach in U.S. History As Ransomware Group Stolen 8 TB of Data
1 Million Records from Dutch Telco Odido Published Online After Extortion Attempt
Qilin ransomware hits Malaysia Airlines | Cybernews
Dutch cops back Odido as ShinyHunters leaks continue • The Register
ShinyHunters leaked the full Odido dataset
Airbus and Boeing supplier named in ransomware attack | Cybernews
Phishing & Email Based Attacks
OAuth Abuse in Microsoft Entra ID Enables Stealthy Email Access
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Fake LastPass support email threads try to steal vault passwords
Purchase order attachment isn’t a PDF. It’s phishing for your password | Malwarebytes
Remote-working breaches as phishing fears reach record high | theHRD
Microsoft warning: attackers are abusing Google logins to spread malware | Cybernews
Attack on trust | Professional Security Magazine
Darktrace Flags 32 Million Phishing Emails in 2025 as Identity Attacks - Infosecurity Magazine
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
Hacker mass-mails HungerRush extortion emails to restaurant patrons
Business Email Compromise (BEC)/Email Account Compromise (EAC)
Attack on trust | Professional Security Magazine
Other Social Engineering
Fake LastPass support email threads try to steal vault passwords
Attack on trust | Professional Security Magazine
Purchase order attachment isn’t a PDF. It’s phishing for your password | Malwarebytes
Scattered Lapsus$ Hunters seeks women to defraud helpdesks • The Register
Europol-led crackdown on The Com hackers leads to 30 arrests
DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams
Why scammers call you and say nothing - and how to respond safely | ZDNET
Scammers target Dubai bank accounts amid Iran missile salvo • The Register
If You're a Tech Worker With an Attractive Girlfriend, We Have Extremely Bad News
Telegram rises to top spot in job scam activity - Help Net Security
2FA/MFA
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
Artificial Intelligence
AI went from assistant to autonomous actor and security never caught up - Help Net Security
Why enterprise AI agents could become the ultimate insider threat | ZDNET
AI Raises the Cybersecurity Stakes — But People Still Open the Door - Infosecurity Magazine
AI risk moves into the security budget spotlight - Help Net Security
Malicious OpenClaw Skills Used to Distribute Atomic MacOS Stealer | Trend Micro (US)
How Threat Actors Turned OpenClaw Into a Scraping Botnet - Security Boulevard
Organizations Unprepared for External Cyber Risks
Fraudsters integrate ChatGPT into global scam campaigns - Help Net Security
Your Staff Are Your Biggest Security Risk: AI is Making it Worse
AI bot compromises five major GitHub repositories | Cybernews
ClawJacked flaw exposed OpenClaw users to data theft
Your personal OpenClaw agent may also be taking orders from malicious websites | CSO Online
AI and Deepfakes Supercharge Sophisticated Cyber-Attacks: Cloudflare - Infosecurity Magazine
The AI-Powered Hacking Spree Is Here
Destroyed servers and DoS attacks: What can happen when OpenClaw AI agents interact | ZDNET
Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
How Deepfakes and Injection Attacks Are Breaking Identity Verification
Chatbot data harvesting yields sensitive personal info • The Register
Calls for Global Digital Estate Standard as Fraud Risk Grows - Infosecurity Magazine
Hackers Leveraged CyberStrikeAI Tool to Breach Fortinet FortiGate Devices
Pentagon ditches Anthropic AI over “security risk” and OpenAI takes over - Security Boulevard
Sam Altman admits OpenAI can’t control Pentagon’s use of AI | Technology | The Guardian
Pentagon moves to build AI tools for China cyber operations
Hacker Steals Huge Data Trove From Mexico Using Anthropic's Claude
OpenAI Reaches A.I. Agreement With Defense Dept. After Anthropic Clash - The New York Times
Why Pentagon-Anthropic AI clash is pivotal front in future of warfare
Flaw-Finding AI Assistants Face Criticism for Speed, Accuracy
LLMs are getting better at unmasking people online | CyberScoop
Anthropic fallout Iran strikes fuel tech backlash over military AI use
What AI Models for War Actually Look Like | WIRED
Bots/Botnets
Memory scalpers hunt scarce DRAM with bot blitz • The Register
How Threat Actors Turned OpenClaw Into a Scraping Botnet - Security Boulevard
Careers, Roles, Skills, Working in Cyber and Information Security
Code of Professional Conduct | Professional Security Magazine
Cybersecurity professionals are burning out on extra hours every week - Help Net Security
GCHQ hunts for CISO with £130K top salary • The Register
Comms Dealer - Why UK MSPs Need Global Talent Now More Than Ever
Cloud/SaaS
Cloudflare tracked 230 billion daily threats and here is what it found - Help Net Security
Attackers are using your network against you, according to Cloudflare | CyberScoop
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams
QuickLens Chrome extension steals crypto, shows ClickFix attack
Bitcoin Still Fuels Ransomware Economy in 2025
Cyber Crime, Organised Crime & Criminal Actors
AI and Deepfakes Supercharge Sophisticated Cyber-Attacks: Cloudflare - Infosecurity Magazine
Europol-led crackdown on The Com hackers leads to 30 arrests
Turns out most cybercriminals are old enough to know better • The Register
Compromised Site Management Panels are a Hot Item in Cybercrime Markets
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
Data Breaches/Leaks
Conduent Data Breach - Largest Data Breach in U.S. History As Ransomware Group Stolen 8 TB of Data
AI bot compromises five major GitHub repositories | Cybernews
ClawJacked flaw exposed OpenClaw users to data theft
Double whammy: Steaelite RAT bundles data theft, ransomware • The Register
Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks - Infosecurity Magazine
1 Million Records from Dutch Telco Odido Published Online After Extortion Attempt
15M French citizens affected by massive data breach following cyberattack on medical software
New LexisNexis Data Breach Confirmed After Hackers Leak Files - SecurityWeek
“Non-terrestrial officers:” the UFO files McKinnon found, hacking NASA | Cybernews
Hacker Steals Huge Data Trove From Mexico Using Anthropic's Claude
Olympique Marseille confirms 'attempted' cyberattack after data leak
Canadian Tire 2025 data breach impacts 38 million users
UH Cyber Hack Exposed Social Security Numbers Of Up To 1.15 Million - Honolulu Civil Beat
Brit games studio Cloud Imperium admits to data breach • The Register
Madison Square Garden Data Breach Confirmed Months After Hacker Attack - SecurityWeek
Denial of Service/DoS/DDoS
149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict
Russian DDoS: what’s the threat to businesses? | IT Pro
Encryption
Expert Recommends: Prepare for PQC Right Now
Fraud, Scams and Financial Crime
Fraudsters integrate ChatGPT into global scam campaigns - Help Net Security
Calls for Global Digital Estate Standard as Fraud Risk Grows - Infosecurity Magazine
Data Broker Breaches Fueled Nearly $21 Billion in Identity-Theft Losses | WIRED
Memory scalpers hunt scarce DRAM with bot blitz • The Register
Why scammers call you and say nothing - and how to respond safely | ZDNET
Scammers target Dubai bank accounts amid Iran missile salvo • The Register
Telegram rises to top spot in job scam activity - Help Net Security
Alabama man pleads guilty to hacking, extorting hundreds of women
Florida woman imprisoned for massive Microsoft license fraud scheme
Identity and Access Management
How Deepfakes and Injection Attacks Are Breaking Identity Verification
Insider Risk and Insider Threats
Why enterprise AI agents could become the ultimate insider threat | ZDNET
AI Raises the Cybersecurity Stakes — But People Still Open the Door - Infosecurity Magazine
42 percent of organizations see an increase in malicious insider incidents - BetaNews
Your Staff Are Your Biggest Security Risk: AI is Making it Worse
Employees install pirate software despite malware risks - BetaNews
U.S. Defense Contractor Faces 87 Months in Prison For Selling Secrets to Russia - ClearanceJobs
Insurance
Zurich Acquires Beazley in $11 Billion Deal to Lead Cyberinsurance - SecurityWeek
Internet of Things – IoT
Your smart home may be at risk - 6 ways experts protect your devices from attacks | ZDNET
Every Car Made After 2008 Has the Same Digital Security Risk
Meta Workers Say They're Seeing Disturbing Things Through Users' Smart Glasses
Law Enforcement Action and Take Downs
Europol-led crackdown on The Com hackers leads to 30 arrests
U.S. Defense Contractor Faces 87 Months in Prison For Selling Secrets to Russia - ClearanceJobs
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams
Project Compass is Europol's new playbook for taking on The Com | CyberScoop
Cambodia, a center for online scam, cracks down on the scammers : State of the World from NPR : NPR
Ukrainian man pleads guilty to running AI-powered fake ID site
Alabama man pleads guilty to hacking, extorting hundreds of women
Florida woman imprisoned for massive Microsoft license fraud scheme
Malware
Double whammy: Steaelite RAT bundles data theft, ransomware • The Register
Microsoft OAuth scams abuse redirects for malware delivery • The Register
Employees install pirate software despite malware risks - BetaNews
Microsoft warning: attackers are abusing Google logins to spread malware | Cybernews
CISA warns that RESURGE malware can be dormant on Ivanti devices
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
QuickLens Chrome extension steals crypto, shows ClickFix attack
Malicious OpenClaw Skills Used to Distribute Atomic MacOS Stealer | Trend Micro (US)
Microsoft warns of RAT delivered through trojanized gaming utilities
Mobile
Coruna: Spy-grade iOS exploit kit powering financial crime - Help Net Security
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
Models, Frameworks and Standards
Passwords, Credential Stuffing & Brute Force Attacks
Fake LastPass support email threads try to steal vault passwords
Purchase order attachment isn’t a PDF. It’s phishing for your password | Malwarebytes
US Shuts Down 'LeakBase' Hacker Forum Known for Selling Stolen Data
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
Regulations, Fines and Legislation
UK’s Data Watchdog Gets a Makeover to Match Growing Demands - Infosecurity Magazine
CISA leadership shakeup comes amid ‘pressure’ moment for cyber agency | Federal News Network
Trump Bans Anthropic AI in Federal Agencies — Pentagon Flags Claude as Security Risk
OpenAI Reaches A.I. Agreement With Defense Dept. After Anthropic Clash - The New York Times
Why Pentagon-Anthropic AI clash is pivotal front in future of warfare
Social Media
Social media companies are fighting the 'age verification trap' | Fortune
Software Supply Chain
What to Know About the Notepad++ Supply-Chain Attack - Security Boulevard
Your dependencies are 278 days out of date and your pipelines aren't protected - Help Net Security
Surging third-party risks create software vulnerability headaches for developer teams | IT Pro
Supply Chain and Third Parties
Conduent Data Breach - Largest Data Breach in U.S. History As Ransomware Group Stolen 8 TB of Data
Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks - Infosecurity Magazine
Organizations Unprepared for External Cyber Risks
What to Know About the Notepad++ Supply-Chain Attack - Security Boulevard
Madison Square Garden Data Breach Confirmed Months After Hacker Attack - SecurityWeek
Airbus and Boeing supplier named in ransomware attack | Cybernews
Third-Party Risk: The New Maturity Curve for Security Providers | perspective | MSSP Alert
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
UK warns of Iranian cyberattack risks amid Middle-East conflict
U.S. war with Iran forces CEOs to prepare for the worst | Fortune
Hybrid Middle East Conflict Triggers Surge in Global Cyber Activity - Infosecurity Magazine
The cyber war in Iran - POLITICO
Expect Iran to Launch Cyber-Attacks Globally, Warns Google - Infosecurity Magazine
Europe braces as Iran threatens to attack – POLITICO
If You're a Tech Worker With an Attractive Girlfriend, We Have Extremely Bad News
Businesses told to harden defenses amid Iran conflict risk • The Register
Mapping Iran’s hacking threats | Ctech
Iran War Puts Companies, Infrastructure on Cyber Threat Alert
Iran could use AI to accelerate cyberattacks on U.S. and Israeli critical infrastructure | Fortune
Cyberwarfare ignites in US-Israel-Iran war
Pro-Iranian Actors Launch Barrage of Cyberattacks
Double jeopardy for Dubai, faces espionage threat amid Iran offensive - The Statesman
Western Cybersecurity Experts Brace for Iranian Reprisal
Iranian Hackers Ramp Up Cyberattacks on US and Israel After Recent Strikes - gHacks Tech News
Sam Altman admits OpenAI can’t control Pentagon’s use of AI | Technology | The Guardian
Anthropic fallout Iran strikes fuel tech backlash over military AI use
What AI Models for War Actually Look Like | WIRED
Nation State Actors
How to understand and avoid Advanced Persistent Threats - Security Boulevard
China
If You're a Tech Worker With an Attractive Girlfriend, We Have Extremely Bad News
Hackers Leveraged CyberStrikeAI Tool to Breach Fortinet FortiGate Devices
From phishing to Google Drive C2: Silver Dragon expands APT41 playbook
China's Silver Dragon Razes Governments in EU, SE Asia
Pentagon moves to build AI tools for China cyber operations
Russia
If You're a Tech Worker With an Attractive Girlfriend, We Have Extremely Bad News
Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks - SecurityWeek
Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch
Russian DDoS: what’s the threat to businesses? | IT Pro
U.S. Defense Contractor Faces 87 Months in Prison For Selling Secrets to Russia - ClearanceJobs
Notorious ransomware gang allegedly blackmailed by fake FSB officer
North Korea
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
North Korea’s APT37 Expands Toolkit to Breach Air-Gapped Networks - Infosecurity Magazine
ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
APT37 hackers use new malware to breach air-gapped networks
Suspected Nork intruders infecting US healthcare, education • The Register
Britain sees North Korea as 'major' cyber threat: Cybersecurity expert
Iran
U.S. war with Iran forces CEOs to prepare for the worst | Fortune
Hybrid Middle East Conflict Triggers Surge in Global Cyber Activity - Infosecurity Magazine
The cyber war in Iran - POLITICO
Europe braces as Iran threatens to attack – POLITICO
Businesses told to harden defenses amid Iran conflict risk • The Register
Mapping Iran’s hacking threats | Ctech
Iran War Puts Companies, Infrastructure on Cyber Threat Alert
Cyberwarfare ignites in US-Israel-Iran war
Pro-Iranian Actors Launch Barrage of Cyberattacks
Iran intelligence backdoored US bank, airport networks • The Register
Scammers target Dubai bank accounts amid Iran missile salvo • The Register
US financial firms on cyber alert amid Iran war | The Jerusalem Post
Iranian Hackers Ramp Up Cyberattacks on US and Israel After Recent Strikes - gHacks Tech News
149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict
Strikes on Iran will test US cyber strategy abroad, and defenses at home - Nextgov/FCW
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Hacktivists claim to have hacked Homeland Security to release ICE contract data | TechCrunch
149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict
Tools and Controls
AI risk moves into the security budget spotlight - Help Net Security
Flaw-Finding AI Assistants Face Criticism for Speed, Accuracy
Why encrypted backups may fail in an AI-driven ransomware era | ZDNET
How Deepfakes and Injection Attacks Are Breaking Identity Verification
Cloudflare tracked 230 billion daily threats and here is what it found - Help Net Security
Attackers are using your network against you, according to Cloudflare | CyberScoop
The Expanding Link Between Software Engineering And Cyber Security - DevX
Your dependencies are 278 days out of date and your pipelines aren't protected - Help Net Security
Cyber resilience tunnel vision is leaving enterprises open to external threats | IT Pro
12 Million exposed .env files reveal widespread security failures
Security debt is becoming a governance issue for CISOs - Help Net Security
Other News
Cloudflare tracked 230 billion daily threats and here is what it found - Help Net Security
Attackers are using your network against you, according to Cloudflare | CyberScoop
The Increasing Speed of Cyberattacks
How 'silent probing' can make your security playbook a liability | CyberScoop
The Expanding Link Between Software Engineering And Cyber Security - DevX
UK government seeks to clamp down on cyber-threats - Digital Journal
DEF CON hackers 'fed up with government,' Jake Braun says • The Register
Sweden Tells Energy Sector to Raise Security, but Faces no Specific Threat
Healthcare organizations are accepting cyber risk to cut costs - Help Net Security
Cybersecurity is now a bigger worry for car-makers than costs - Drives&Controls
Cybersecurity a ‘significant’ issue for 95% of manufacturers
Vulnerability Management
Flaw-Finding AI Assistants Face Criticism for Speed, Accuracy
Exploitable Vulnerabilities Present in 87% of Organizations - Infosecurity Magazine
Report Shows Sharp Rise in High‑Risk Flaws and Security Debt
Your dependencies are 278 days out of date and your pipelines aren't protected - Help Net Security
Surging third-party risks create software vulnerability headaches for developer teams | IT Pro
Google will soon ship Chrome updates every two weeks • The Register
Vulnerabilities
NCSC warns of attacks to Cisco Catalyst SD-WAN | UKAuthority
Cisco Drops 48 New Firewall Vulnerabilities, 2 Critical
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
Juniper issues emergency patch for critical PTX router RCE
Cisco warns of max severity Secure FMC flaws giving root access
What to Know About the Notepad++ Supply-Chain Attack - Security Boulevard
Trend Micro fixes two critical flaws in Apex One
Critical Juniper Networks PTX flaw allows full router takeover
Firefox 148 Released With Sanitizer API to Disable XSS Attack
New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
Security hole could let hackers take over Juniper Networks PTX core routers | CSO Online
Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to external articles are provided for general interest and awareness only. Linking to or reposting external content does not constitute endorsement of or by any organisation, service, or product. We do not control and are not responsible for the content, security, or availability of external websites or links. Full credit is given to the original authors and sources. E&OE.