Black Arrow Cyber Threat Intelligence Briefing 27 February 2026
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Executive Summary
We have details of new and developing threats for business leaders to address in their security strategy. These include malicious apps on work mobile devices, and phishing emails without links or attachments but with instructions for the recipient to call a number that turns out to be a scam. Separately, Google has identified attackers using online Google Sheets that contain command instructions for malware already installed in victims’ systems at a previous stage. As mentioned in our previous weekly reports, AI is being used to make cyber-attacks faster and more effective.
Addressing these and other risks requires two areas of focus: proportionate cyber security to reduce the frequency of successful attacks, and cyber resilience to improve the chances that the organisation can successfully detect and respond to attacks. Insurance is often part of that resilience; however, we include a reminder on the need to ensure a clear understanding upfront on exactly what the insurance policy provides and the conditions of cover.
Business leaders are not expected to be cyber experts, but your ability to ensure that your cyber security and resilience can address today’s evolving risks requires you to understand the fundamentals, and this is best sourced from experts who are not your control providers. Contact us for details of how to achieve proportionate security and resilience for your business.
Top Cyber Stories of the Last Week
The Growing Risk of Malicious Apps in a Mobile-First Workplace
As workplaces become increasingly mobile-first, employees’ smartphones now provide a direct route into corporate systems and sensitive data. Attackers are exploiting this by disguising malicious code inside legitimate-looking apps, including those published in trusted app stores, and by rapidly creating new variants that evade traditional, signature-based security tools. Risk also comes from poorly built apps that request excessive access or accidentally expose information through weak design. To reduce exposure, organisations need greater visibility into what apps are installed, what data they access, and whether their behaviour changes after updates, treating mobile apps as a core enterprise risk, not just an IT concern.
Why 'Call This Number' TOAD Emails Beat Gateways
Attackers are increasingly using “call this number” emails that contain no links or attachments, helping them slip past many secure email gateways. Analysis of roughly 5,000 threats that bypassed enterprise defences since December 2025 found telephone-oriented attack delivery (TOAD) made up almost 28% of these incidents. The tactic typically mimics a billing alert from a trusted brand and pressures staff to phone a number, where scammers try to steal login details, gain remote access to devices, or extract payments such as gift cards. Senior leaders should reinforce clear rules: invoices are not resolved by unsolicited phone calls, and staff must verify unexpected payment requests via known channels.
https://www.darkreading.com/threat-intelligence/why-call-this-number-toad-emails-beat-gateways
New Phishing Hacks Aren’t Sloppy—They’re Personalised
Artificial intelligence is making phishing scams far more convincing by tailoring messages with personal details pulled from past data breaches and public sources such as social media. These emails and texts may reference your name, location, services you use, or even your interests, helping criminals build trust and pressure people into clicking links, sharing information, or sending money. If staff credentials are stolen, accounts can be compromised, potentially impacting the wider business. Key safeguards include keeping software and security tools up to date, and treating personalised or unexpected payment or account warnings with caution by verifying them through official channels.
Google Disrupts Chinese-Linked Hackers That Attacked 53 Groups Globally
Google has disrupted a Chinese-linked hacking group with a near decade-long record of targeting governments and telecoms, after confirming access to at least 53 organisations across 42 countries, with possible reach into 22 more. The attackers used Google Sheets to hide activity within normal network traffic, which Google stressed was not a flaw in its products. In one incident, they installed a hidden way to regain access on a system holding sensitive personal data such as names, phone numbers, dates of birth and national ID details.
Basic Security Gaps Leave Enterprises Exposed to AI-Boosted Attacks
IBM’s 2026 X-Force Threat Intelligence Index warns that criminals are increasingly using AI to find and exploit basic security gaps at speed. Attacks starting through internet-facing applications rose 44%, often due to insufficient access controls, while ransomware and extortion activity grew 49% year on year and disclosed victim counts increased by about 12%. Supply chain and third-party compromises have almost quadrupled since 2020, targeting software build and deployment environments and cloud applications. In 2025, exploiting known weaknesses drove 40% of observed incidents. Manufacturing remained the most targeted sector (27%), and North America saw 29% of cases.
https://betanews.com/article/basic-security-gaps-leave-enterprises-exposed-to-ai-boosted-attacks/
'God-Like' Attack Machines: AI Agents Ignore Security Policies
Security leaders are warning that goal-driven AI agents can unintentionally expose sensitive information or make damaging changes if they are given too much access. A recent Microsoft Copilot bug reportedly summarised confidential emails, and separately an AI agent ignored restrictions and deleted a live database. Experts caution that built-in AI guardrails are not strong enough to be relied on as security controls. Organisations adopting AI agents should limit permissions to the minimum required, separate critical systems, keep clear oversight through monitoring and audit logs, and ensure robust backups to quickly reverse mistakes.
https://www.darkreading.com/application-security/ai-agents-ignore-security-policies
13 Ways Attackers Use Generative AI To Exploit Your Systems
Criminals are using generative AI to make familiar cyber attacks faster and more convincing, rather than inventing entirely new ones. It is boosting realistic phishing messages that trick staff into handing over passwords, and helping create malware to damage systems or steal data. AI is also enabling deepfake voice and video scams and automating espionage, with one campaign reportedly automated by about 80% and aimed at roughly 30 major organisations.
AI Accelerates Attacker Breakout Time to Just Four Minutes
ReliaQuest reports that attackers are moving faster, with the average time from initial access to spreading inside an organisation dropping to 34 minutes in 2025, and a record low of just four minutes. Data theft can happen in as little as six minutes, down from over four hours in 2024. The report links this acceleration to wider use of automation and AI, with 80% of ransomware groups using one or both. Many organisations remain exposed due to gaps such as poor visibility of activity logs, weak remote access protections, and identity processes that can be tricked through social engineering where attackers persuade staff to grant access.
https://www.infosecurity-magazine.com/news/ai-accelerates-attack-breakout/
Resilience: Cyber Risk Shifts from Disruption to Long-Tail Losses
According to a report by US insurance provider Resilience, cyber attacks are increasingly causing long-lasting financial, regulatory and reputational harm, driven by criminals stealing data and demanding payment to stop it being published. Data theft-only incidents rose from 49% of extortion claims in the first half of last year to 65% in the second half, and this model could become the majority by the end of 2026. The report also warns that paying to suppress stolen data may still lead to lawsuits and further exposure. Retail, manufacturing and health care made up 68% of losses.
https://www.insurancejournal.com/news/national/2026/02/25/859511.htm
Ransomware Readiness is the Difference Between a Bad Day at Work and No More Workplace
Ransomware is now a routine business risk, and organisations that recover fastest are typically those with strong readiness rather than the most complex technology. Effective preparation starts with clear governance and a tested incident response plan that assumes key systems and email may be unavailable. It also requires reliable, regularly tested backups that can restore critical services quickly, plus offline access to continuity plans and contact lists. Senior leaders should rehearse early decisions, including how to handle ransom demands, legal checks, and insurer requirements. Today’s ransomware is often data theft followed by extortion, raising regulatory and reputational stakes.
So You Think You Have Cyber Insurance? The Breach is Only the First Incident. The Claim is the Second.
Many organisations treat cyber insurance as a simple safety net, but in practice it is often a patchwork of policies with gaps and overlaps that only become clear after an incident. The most common losses involve other people’s data held on your systems, ransomware that combines disruption with extortion, and business email compromise where criminals impersonate staff to divert payments. Insurers may dispute claims by arguing the loss sits under a different policy, that payments were voluntary, or that conditions were not met. The key message is to stress test cover in advance, so it still pays out under real-world pressure.
Russia Stepping Up Hybrid Attacks, Preparing for Long Standoff with West, Dutch Intelligence Warns
Dutch intelligence agencies warn that Russia is intensifying a hybrid campaign across Europe as it prepares for a long confrontation with the West. This blends cyber-attacks, sabotage, disinformation and covert political influence to stay below the threshold of open war. Since late 2023, activity has risen sharply, with the Netherlands targeted through cyber operations against public institutions and critical infrastructure. The agencies assess Russia’s risk tolerance has increased since 2024, meaning disruption to vital services could become more likely even without direct military conflict.
Governance, Risk and Compliance
Resilience: Cyber Risk Shifts From Disruption to Long-Tail Losses
Resilience Cyber Claims Data Reveals The New Economics of Professionalized Cybercrime
Cyber is long tail threat warns new study
Identifying cyber crime motives more vital than ever, report says | The National
Organizations, MSSPs Need to Mind the Gaps in Their Security: Barracuda | MSSP Alert
Businesses rank cyber incidents as their biggest threat - BetaNews
Threats
Ransomware, Extortion and Destructive Attacks
Ransomware is a mid-market tax. Here's how UK firms can stop it - Raconteur
Ransomware playbook torn up as data theft becomes top threat – Resilience | Insurance Business
BeyondTrust Vulnerability Exploited in Ransomware Attacks - SecurityWeek
Ransomware Victims
Mississippi medical center closes all clinics after ransomware attack
Chip Testing Giant Advantest Hit by Ransomware - SecurityWeek
ShinyHunters demands $1.5M not to leak Wynn Resorts data • The Register
Two years on, what are the lessons from the British Library cyberattack?
ShinyHunters extortion gang claims Odido breach affecting millions
Wynn Resorts confirms data stolen after ShinyHunters threats • The Register
Qilin targets NYC transit workers | Cybernews
Everest ransomware hits Vikor Scientific's supplier, data of 140,000 patients stolen
Phishing & Email Based Attacks
New phishing hacks aren't sloppy—they're personalized | PCWorld
Why 'Call This Number' TOAD Emails Beat Gateways
The Art of Deception: Typosquatting to Bypass Detection
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
Russian hackers target European firms with new spear-phishing cyberattacks | TechRadar
Hackers Using OAuth Apps in Microsoft Entra ID to Establish Persistence
Airline brands become launchpads for phishing, crypto fraud - Help Net Security
Phishing campaign targets freight and logistics orgs in the US, Europe
Multifaceted Phishing Scheme Deceives Bitpanda Customers - Infosecurity Magazine
Business Email Compromise (BEC)/Email Account Compromise (EAC)
Know the red flags: Business email compromise signs to look out for | CSO Online
Other Social Engineering
Why 'Call This Number' TOAD Emails Beat Gateways
The Art of Deception: Typosquatting to Bypass Detection
ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware
Fake CAPTCHA attacks exploded by 563% last year: How to spot them and stay safe online | ZDNET
Airline brands become launchpads for phishing, crypto fraud - Help Net Security
I'm a tech pro and an AI job scam almost fooled me - here's what gave it away | ZDNET
Threat Actors Using Fake Avast Website to Harvest Users Credit Card Details
Ad tech firm Optimizely confirms data breach after vishing attack
How to protect yourself from SIM swapping
The latest delivery scam has 'carriers' calling to return your phone - don't fall for it | ZDNET
Virgin Media O2 Warn Customers to Watch Out for Fake 5G SIM Upgrade Emails - ISPreview UK
AML/CFT/Money Laundering/Terrorist Financing/Sanctions
The US expanded its sanctions list against Russia due to cybersecurity threats | УНН
Artificial Intelligence
Cyberattack Breakout in Just 27 Seconds? 2026 Threat Report Reveals Shocking Speed | IBTimes UK
AI Accelerates Attacker Breakout Time to Just Four Minutes - Infosecurity Magazine
Hackers Gain Speed, Not Major New Tradecraft, Using AI Tools
AI-powered Cyber-Attacks Up Significantly, Warns CrowdStrike - Infosecurity Magazine
13 ways attackers use generative AI to exploit your systems | CSO Online
New phishing hacks aren't sloppy—they're personalized | PCWorld
'God-Like' Attack Machines: AI Agents Ignore Security Policies
2026 CrowdStrike Global Threat Report: AI Accelerates Adversaries and Reshapes the Attack Surface
Attackers Now Need Just 29 Minutes to Own a Network
Cyberattacks are hitting faster with AI fuelling an 89% jump, data shows - National | Globalnews.ca
The rise of the evasive adversary | CSO Online
Basic security gaps leave enterprises exposed to AI-boosted attacks - BetaNews
Android malware uses Google’s own Gemini AI to adapt in real time - Android Authority
Multiple Hacking Groups Exploit OpenClaw Instances to Steal API key and Deploy Malware
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
Lessons From AI Hacking: Every Model, Every Layer Is Risky
Model Inversion Attacks: Growing AI Business Risk - Security Boulevard
AI is becoming part of everyday criminal workflows - Help Net Security
Malicious OpenClaw Skills Used to Distribute Atomic MacOS Stealer | Trend Micro (US)
Cyber Attacks Skirt Corporate Defenses With AI, Cloud Intrusions
Anthropic Drops Flagship Safety Pledge | TIME
National Crime Agency calls for ‘whole-system approach’ to tech-enabled abuse – PublicTechnology
44% Surge in App Exploits as AI Speeds Up Cyber-Attacks, IBM Finds - Infosecurity Magazine
AI coding assistant Cline compromised, installs OpenClaw • The Register
Urgent research needed to tackle AI threats, says Google AI boss - BBC News
Deloitte Australia bans staff from using ChatGPT over data leak fears
How Exposed Endpoints Increase Risk Across LLM Infrastructure
UAE foils AI-powered 'terrorist cyber attacks' on vital sectors | The National
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
Shai-Hulud-Like Worm Targets Developers via npm and AI Tools - Infosecurity Magazine
Major 'vibe-coding' platform Orchids is easily hacked, researcher finds - BBC News
Do NOT use AI-generated passwords, security experts warn | PCWorld
Nation state hackers fail to gain edge with AI, OpenAI report finds - Cryptopolitan
Claude's collaboration tools allowed remote code execution • The Register
Cyber: the dangers of agents and vibe coding | ICAEW
Chinese Police Use ChatGPT to Smear Japan PM Takaichi
Careers, Roles, Skills, Working in Cyber and Information Security
Where CISOs need to hire and develop cybersecurity talent
ISC2 Launches Global Code of Professional Conduct for Cybersecurity
UK tech has fewer foreign techies, struggling to upskill • The Register
Cloud/SaaS
2026 CrowdStrike Global Threat Report: AI Accelerates Adversaries and Reshapes the Attack Surface
Cyber Attacks Skirt Corporate Defenses With AI, Cloud Intrusions
Hackers Using OAuth Apps in Microsoft Entra ID to Establish Persistence
Founder drops AWS for Euro stack in bid for sovereignty • The Register
Europe’s ‘tech sovereignty’ ambitions carry security risks, military warns
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Airline brands become launchpads for phishing, crypto fraud - Help Net Security
Cyber Crime, Organised Crime & Criminal Actors
Resilience: Cyber Risk Shifts From Disruption to Long-Tail Losses
AI is becoming part of everyday criminal workflows - Help Net Security
Resilience Cyber Claims Data Reveals The New Economics of Professionalized Cybercrime
Cyber Claims Data Shows ‘New Economics’ of Cybercrime
Cyber is long tail threat warns new study
Identifying cyber crime motives more vital than ever, report says | The National
Latin America's Cyber Maturity Lags Threat Landscape
Don’t trust TrustConnect: This fake remote support tool only helps hackers | CSO Online
International operation dismantles fraud network, €400,000 seized - Help Net Security
Data Breaches/Leaks
PayPal Data Breach Led to Fraudulent Transactions - SecurityWeek
PayPal discloses extended data leak linked to Loan App glitch
ICO wins battle in fight to fine tech retailer £500k • The Register
ShinyHunters extortion gang claims Odido breach affecting millions
Ashley Madison pivots to shake cyberattack ghost | Cybernews
CarGurus data breach exposes information of 12.4 million accounts
Ad tech firm Optimizely confirms data breach after vishing attack
Data/Digital Sovereignty
Founder drops AWS for Euro stack in bid for sovereignty • The Register
Europe’s ‘tech sovereignty’ ambitions carry security risks, military warns
Denial of Service/DoS/DDoS
Dramatic Escalation in Frequency and Power of DDoS Attacks - Infosecurity Magazine
Suspected Anonymous members cuffed in Spain over DDoS attack • The Register
Spain arrests suspected hacktivists for DDoSing govt sites
Fraud, Scams and Financial Crime
PayPal Data Breach Led to Fraudulent Transactions - SecurityWeek
Fraud Investigation Reveals Sophisticated Python Malware - Infosecurity Magazine
International operation dismantles fraud network, €400,000 seized - Help Net Security
I'm a tech pro and an AI job scam almost fooled me - here's what gave it away | ZDNET
Manipulating AI memory for profit: The rise of AI Recommendation Poisoning | Microsoft Security Blog
Threat Actors Using Fake Avast Website to Harvest Users Credit Card Details
Virgin Media O2 Warn Customers to Watch Out for Fake 5G SIM Upgrade Emails - ISPreview UK
Hackers use this tool to bypass fraud detection and weaponize Google ads | Mashable
The latest delivery scam has 'carriers' calling to return your phone - don't fall for it | ZDNET
Identity and Access Management
When identity isn’t the weak link, access still is
Insider Risk and Insider Threats
Cost of Insider Incidents Surges 20% to Nearly $20m - Infosecurity Magazine
Ex-L3Harris exec jailed for selling zero-days to Russian exploit broker
Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker
Insurance
Internet of Things – IoT
Security vulnerabilities in Tesla's Model 3 and Cybertruck reveal how connected cars can be hacked
Law Enforcement Action and Take Downs
Ex-Google engineers accused of swiping chip security secrets • The Register
Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker
International operation dismantles fraud network, €400,000 seized - Help Net Security
Suspected Anonymous members cuffed in Spain over DDoS attack • The Register
Police seize 100,000 stolen Facebook credentials in cybercrime raid - Help Net Security
Linux and Open Source
Open-source security debt grows across commercial software - Help Net Security
Malvertising
Hackers use this tool to bypass fraud detection and weaponize Google ads | Mashable
Malware
Fraud Investigation Reveals Sophisticated Python Malware - Infosecurity Magazine
Multiple Hacking Groups Exploit OpenClaw Instances to Steal API key and Deploy Malware
Malicious OpenClaw Skills Used to Distribute Atomic MacOS Stealer | Trend Micro (US)
Fake troubleshooting tip on ClawHub leads to infostealer infection - Help Net Security
ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware
Russian hackers target European firms with new spear-phishing cyberattacks | TechRadar
New malware-as-a-service fronts as legit RMM provider | SC Media
Criminals create business website to sell RAT disguised as RMM tool - Help Net Security
Fake Zoom update covertly installs spy tool | Cybernews
Don’t trust TrustConnect: This fake remote support tool only helps hackers | CSO Online
Shai-Hulud-Like Worm Targets Developers via npm and AI Tools - Infosecurity Magazine
MuddyWater Targets Orgs With Fresh Malware Amid Rising Tensions
Mobile
The Growing Risk of Malicious Apps in a Mobile-First Workplace - Security Boulevard
Android malware uses Google’s own Gemini AI to adapt in real time - Android Authority
Predator spyware hooks iOS SpringBoard to hide mic, camera activity
How To Prevent Your Smartphone From Spying On Your Activities
Researchers flag Samsung Tizen OS weakness | Cybernews
Virgin Media O2 Warn Customers to Watch Out for Fake 5G SIM Upgrade Emails - ISPreview UK
How to protect yourself from SIM swapping
Android mental health apps with 14.7M installs filled with security flaws
Models, Frameworks and Standards
Passwords, Credential Stuffing & Brute Force Attacks
The 25 Most Vulnerable Passwords of 2026 | Security Magazine
Every day in every way, passwords are getting worse • The Register
The Real Initial Access Vector: Compromised Active Directory Credentials - Security Boulevard
Too many users are reusing passwords: Cybersecurity dangers revealed - Digital Journal
Police seize 100,000 stolen Facebook credentials in cybercrime raid - Help Net Security
Do NOT use AI-generated passwords, security experts warn | PCWorld
Regulations, Fines and Legislation
National Crime Agency calls for ‘whole-system approach’ to tech-enabled abuse – PublicTechnology
ICO wins battle in fight to fine tech retailer £500k • The Register
UK fines Reddit $19 million for using children’s data unlawfully
US cybersecurity agency CISA reportedly in dire shape amid Trump cuts and layoffs | TechCrunch
Across party lines and industry, the verdict is the same: CISA is in trouble | CyberScoop
Social Media
Police seize 100,000 stolen Facebook credentials in cybercrime raid - Help Net Security
I'm a tech pro and an AI job scam almost fooled me - here's what gave it away | ZDNET
Discord postpones global age verification rollout | AP News
UK fines Reddit $19 million for using children’s data unlawfully
Supply Chain and Third Parties
Group-IB High-Tech Crime Trends Report 2026: Supply Chain Attacks Emerge as Top Global Cyber Threat
Shai-Hulud-Like Worm Targets Developers via npm and AI Tools - Infosecurity Magazine
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Disrupting the GRIDTIDE Global Cyber Espionage Campaign | Google Cloud Blog
Awareness of Russian threat growing in EU, says MEP
Nation State Actors
Nation state hackers fail to gain edge with AI, OpenAI report finds - Cryptopolitan
UAE foils AI-powered 'terrorist cyber attacks' on vital sectors | The National
China
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
Google and friends disrupt suspected Beijing espionage op • The Register
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
Chinese Police Use ChatGPT to Smear Japan PM Takaichi
Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs - SecurityWeek
Russia
Awareness of Russian threat growing in EU, says MEP
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
Russian hackers target European firms with new spear-phishing cyberattacks | TechRadar
Russian Cyber Threat Actor Uses GenAI to Compromise Fortinet Firewalls - Infosecurity Magazine
The US expanded its sanctions list against Russia due to cybersecurity threats | УНН
Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker
North Korea
Iran
MuddyWater Targets Orgs With Fresh Malware Amid Rising Tensions
Ex-Google engineers accused of swiping chip security secrets • The Register
Tools and Controls
Criminals create business website to sell RAT disguised as RMM tool - Help Net Security
Fake Zoom update covertly installs spy tool | Cybernews
Identity-First AI Security: Why CISOs Must Add Intent to the Equation
AI gets good at finding bugs, not as good at fixing them • The Register
When identity isn’t the weak link, access still is
Why Most Breaches Happen After Launch: SaaS Security Testing Best Practices - Security Boulevard
Why the shift left dream has become a nightmare for security and developers
What Is Zero Trust Security? A Plain-English Guide - Security Boulevard
Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs - SecurityWeek
Shai-Hulud-Like Worm Targets Developers via npm and AI Tools - Infosecurity Magazine
AI coding assistant Cline compromised, installs OpenClaw • The Register
Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems
Major 'vibe-coding' platform Orchids is easily hacked, researcher finds - BBC News
Cyber: the dangers of agents and vibe coding | ICAEW
LLM firewalls emerge as a new AI security layer | TechTarget
Other News
The FBI Says These Wi-Fi Routers Are Unsafe, And Here's Why
Cyber-attacks may disrupt smart factories by targeting time | University of East London
“The automotive industry will eventually wake up to cyber attacks. It's a pandemic th | Ctech
Emerging Chiplet Designs Spark Fresh Cybersecurity Challenges
Enigma Cipher Device Still Holds Secrets for Cyber Pros
Vulnerability Management
AI gets good at finding bugs, not as good at fixing them • The Register
Organizations, MSSPs Need to Mind the Gaps in Their Security: Barracuda | MSSP Alert
Ex-L3Harris exec jailed for selling zero-days to Russian exploit broker
Microsoft extends security patching for three Windows products at a price - Help Net Security
Vulnerabilities
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers - SecurityWeek
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
Claude's collaboration tools allowed remote code execution • The Register
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
BeyondTrust Vulnerability Exploited in Ransomware Attacks - SecurityWeek
CISA gives feds 3 days to patch actively exploited Dell bug • The Register
Attackers Use New Tool to Scan for React2Shell Exposure
SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution
VMware Aria Operations flaws could enable remote attacks
Major 'vibe-coding' platform Orchids is easily hacked, researcher finds - BBC News
Researchers flag Samsung Tizen OS weakness | Cybernews
Recent RoundCube Webmail Vulnerability Exploited in Attacks - SecurityWeek
Critical Zyxel router flaw exposed devices to remote attacks
Android mental health apps with 14.7M installs filled with security flaws
Critical Grandstream Phone Vulnerability Exposes Calls to Interception - SecurityWeek
RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to external articles are provided for general interest and awareness only. Linking to or reposting external content does not constitute endorsement of or by any organisation, service, or product. We do not control and are not responsible for the content, security, or availability of external websites or links. Full credit is given to the original authors and sources. E&OE.