Black Arrow Cyber Threat Intelligence Briefing 27 March 2026
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Executive Summary
With escalating attacks, it is vital that business leaders focus on both cyber security (to reduce the likelihood of a successful attack) and cyber resilience (to stand the best chance of surviving an attack). In our review of specialist and general media this week, we highlight the gap in business leaders’ perception of how resilient they are versus how they manage a real or simulated incident.
We share reasons for that gap, including security controls that have not been maintained, vulnerabilities that are over a decade old, and insecure business software code that has been written by AI. Meanwhile, attackers are using AI to empower their own attacks and adapt their social engineering techniques to gain access via employees. The high number of attacks has prompted the UK financial services regulator to enforce stricter reporting of cyber incidents, which takes effect within the next 12 months.
From the above, business leaders need to ensure they understand how robust their own cyber security is, and whether their organisation is resilient enough to withstand a likely attack. This requires an objective assessment, with upskilled governance to assess against the reports from control providers. Contact us to find out how to do this proportionately in your organisation.
Top Cyber Stories of the Last Week
When Confidence Becomes a Risk: The Gap Between Cyber Resilience Readiness and Reality
Research indicates that many leadership teams may be more confident in their cyber resilience than the facts justify. While 99% of organisations say they have a cyber resilience strategy, only 40% successfully contained and recovered from their most recent incident or test, and 63% of IT leaders believe executives overestimate readiness. Organisations that test recovery plans monthly achieve a higher success rate compared with those that test less often, showing that regular validation is critical to reducing operational, financial and reputational risk.
Cyber Warfare Outstripping Business Defence Capabilities
Armis warns that cyber warfare has become a daily business risk, with artificial intelligence helping attackers move faster and target more precisely. While 81% of UK decision-makers say they are confident in their ability to detect and respond to a coordinated cyber attack, 48% report being hit by an AI-led attack in the past year. The financial impact is also rising sharply: the average ransomware payment for larger organisations reached £7.71 million in 2025, and 44% say these payments now exceed their annual cyber security budget.
https://www.emergingrisks.co.uk/cyber-warfare-outstripping-business-defence-capabilities/
Enterprise Cyber Security Software Fails 20% of the Time, Warns Absolute Security
Absolute Security reports that delays in applying patches are a main cause of endpoint security tools failing on around 20% of enterprise devices, creating the equivalent of 76 days a year when organisations may face greater exposure to cyber threats. Its research, based on data from tens of millions of business devices, also found nearly a quarter of vulnerability management tools were operating outside compliance, critical Windows updates were delayed by an average of 127 days, and almost 10% of devices were permanently unpatched. For senior leaders, the message is clear: security tools are only effective if they remain operational, updated and consistently enforced.
https://www.infosecurity-magazine.com/news/cybersecurity-software-failure-20/
An AI-Powered Phishing Campaign Has Compromised Hundreds of Organisations
Researchers have uncovered a large-scale phishing campaign that used artificial intelligence to create convincing, varied scam emails and gain access to Microsoft cloud accounts at speed. Huntress identified 344 affected organisations across sectors including finance, healthcare, government and legal services, and believes the true number could run into the thousands. In some cases, attackers could keep access for up to 90 days without needing a password or additional verification. The campaign highlights how artificial intelligence is lowering the barrier for cyber criminals and increasing the pace and scale of cyber attacks.
https://cyberscoop.com/huntress-railway-ai-phishing-campaign-compromised-hundreds-of-organizations/
NCSC Warns Vibe Coding Poses a Major Risk to Businesses
The UK’s NCSC has warned that AI-generated code, often called “vibe coding”, is creating growing cyber security risks for businesses. While AI could help reduce long-standing software weaknesses, the agency says many organisations are not improving their ability to find and fix flaws quickly enough. It notes that software code in systems doubles roughly every 42 months, increasing the potential attack surface, while serious weaknesses are often exploited before fixes are applied. Separate industry research found 1 in 5 security leaders had experienced a major incident linked to AI-generated code.
https://www.itpro.com/security/ncsc-warns-vibe-coding-poses-a-major-risk
32% of Top-Exploited Vulnerabilities Are Over a Decade Old
Cisco Talos reports that many of the security weaknesses most often exploited in 2025 were not new. Around 32% were more than 10 years old and nearly 40% affected unsupported devices, showing how ageing technology continues to create risk. Attackers also moved quickly on newly disclosed flaws, often using them almost at once. Ransomware remained steady, with manufacturing the hardest hit sector, while email was still a major route in, featuring in 40% of response cases.
It’s Time Cyber Security Understood Human Behaviour and Acted Accordingly
Organisations are being reminded that many serious cyber security breaches exploit human behaviour rather than technical flaws. Human actions such as responding quickly under pressure or approving repeated login requests can open the door to attackers, with Verizon finding human behaviour involved in around 60% of breaches. The growing use of AI is expected to make these manipulation tactics more convincing. Effective defence now depends on combining staff awareness with stronger sign-in controls that can detect suspicious activity without creating unnecessary friction for employees.
The Phone Call Is the New Phishing Email
Mandiant reports a marked shift in cyber crime tactics, with voice phishing now behind 11% of the incidents it investigated in 2025. In these attacks, criminals phone employees or IT support while pretending to be legitimate staff in order to gain access. Software weaknesses still remained the main route in, accounting for 32% of cases. Technology firms were most affected at 17% of incidents, followed by finance at 14%, professional services at 13% and health care at 11%.
https://cyberscoop.com/social-engineering-surge-intrusion-vector-mandiant-m-trends/
Financial Brands Targeted in Global Mobile Banking Malware Surge
A sharp rise in mobile banking malware is putting financial organisations under growing pressure, with 1,243 financial brands across 90 countries now being targeted. Zimperium found attacks are increasingly happening on customers’ phones rather than within bank systems, making fraud harder to spot because it can look like normal account activity. Android banking trojan activity rose 56% in 2025, while online fraud increased 21% year on year. The US faces the highest concentration of targeted banking apps, followed by the UK.
https://www.infosecurity-magazine.com/news/financial-brands-mobile-banking/
UK Finance Firms Given 12 Months to Prepare for Stricter Cyber Reporting
Britain’s financial regulator has given firms 12 months to prepare for tougher reporting rules on cyber incidents and disruptions affecting key suppliers. The measures take effect on 18 March 2027 and are designed to improve operational resilience, meaning an organisation’s ability to keep critical services running during disruption. The move reflects growing concern over supply chain risk, with more than 40% of cyber incidents reported to the Financial Conduct Authority in 2025 involving a third party, including major outages linked to Cloudflare and AWS.
NCA Boss Warns That Teens Are Being “Radicalised” Into Cybercrime Online
The UK National Crime Agency warns that online platforms and recommendation systems are drawing some teenagers into cyber crime, alongside other serious offences, as digital networks make crime faster, more global and harder to separate into neat categories. The agency also reports rising online fraud, including investment scams and sexual extortion, plus a growing number of UK-based attackers using both malicious software and manipulation of staff. Its message to leaders is that protecting systems alone is not enough: organisations must also strengthen staff awareness, processes and supply chain resilience.
https://www.infosecurity-magazine.com/news/nca-boss-warns-teens-radicalized/
Most Wanted Hackers Hide in Plain Sight – And There’s Nothing Police Can Do
Cyber criminals often remain beyond the reach of law enforcement not because they cannot be identified, but because legal and political barriers make prosecutions difficult. In 2023, the FBI received more than 880,000 cyber crime complaints reporting losses above $12.5 billion, yet only a tiny proportion led to prosecutions. While international cooperation has improved and some criminal services have been disrupted, replacements quickly emerge. The result is a low-risk, high-reward environment in which many offenders operate openly from countries unwilling to extradite them.
https://cybernews.com/security/wanted-hackers-hide-plain-sight-police/
US Regulator Bans Imports of New Foreign-Made Routers, Citing Security Concerns
The US communications regulator has banned imports of newly approved foreign-made home routers, citing national security and cyber security concerns. China is thought to supply at least 60% of the US home router market. Existing models are unaffected, but new imports will be blocked after a government review warned that weaknesses in some devices could be used to disrupt essential services, spy on networks and steal valuable information. The move reflects growing concern that everyday internet equipment, which connects homes and businesses to online services, can create wider risks to national infrastructure and economic security.
Governance, Risk and Compliance
Cyber warfare outstripping business defence capabilities
UK finance firms given 12 months to prepare for stricter cyber reporting | Cyprus Mail
When confidence becomes a risk: The gap between cyber resilience readiness and reality | TechRadar
You can’t patch poor leadership: cyber security starts in the boardroom | BCS
From boardroom risk to deal flow: why cyber M&A is accelerating in 2026 | TechRadar
US government launches Bureau of Emerging Threats | Computer Weekly
How To Strengthen Cyber Resilience Through Shared Risk Ownership
Threats
Ransomware, Extortion and Destructive Attacks
Why hackers almost never get caught | Cybernews
Stryker cyber attack: Employees still unable to work more than a week after hack - mlive.com
Ransomware's New Era: Moving at AI Speed
Ransomware Affiliate Exposes Details of 'The Gentlemen' Operation - Infosecurity Magazine
Ex-data analyst stole company data in $2.5M extortion scheme
FBI seizes domains linked to Iran hackers after Stryker cyberattack
TeamPCP deploys Iran-targeted wiper in Kubernetes attacks
Handala Group Tied to Iranian Hack‑and‑Leak Operations, FBI Reveals - Infosecurity Magazine
U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage
Stryker Sued by Former Employee Alleging Failure to Secure Data
Cyber OpSec Fail: Beast Gang Exposes Ransomware Server
Extortion Group Claims It Hacked AstraZeneca - SecurityWeek
UK watchdog raises concerns over Jaguar Land Rover's cyber bailout | SC Media UK
Manager of botnet used in ransomware attacks gets 2 years in prison
Law Firm Ransomware Attacks On Rise, Report Says - Law360
Ransomware and Destructive Attack Victims
Co-op takes £126m knock from cyber attack as boss quits
UK watchdog raises concerns over Jaguar Land Rover's cyber bailout | SC Media UK
WorldLeaks group breached the City of Los Angeles
Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware - SecurityWeek
Phishing & Email Based Attacks
An AI-powered phishing campaign has compromised hundreds of organizations | CyberScoop
The phone call is the new phishing email | CyberScoop
Voice phishing skyrockets as smooth crims talk their way in • The Register
Microsoft Azure Monitor alerts abused for callback phishing attacks
Signal is being targeted by Russian hackers in a huge new phishing campaign, FBI says | TechRadar
Tycoon2FA phishing platform returns after recent police disruption
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Manager of botnet used in ransomware attacks gets 2 years in prison
Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
Phishers Pose as Palo Alto Networks' Recruiters in Job Scam
Other Social Engineering
The phone call is the new phishing email | CyberScoop
Voice phishing skyrockets as smooth crims talk their way in • The Register
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Trio sentenced for facilitating North Korean IT worker scheme from their homes | CyberScoop
Attackers are handing off access in 22 seconds, Mandiant finds - Help Net Security
Google slows Android sideloading to trip up scammers - Help Net Security
Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
2FA/MFA
It’s time cyber security understood human behavior and acted accordingly | TechRadar
Tycoon2FA phishing platform returns after recent police disruption
Artificial Intelligence
An AI-powered phishing campaign has compromised hundreds of organizations | CyberScoop
Cybersecurity Staff Don’t Know How Fast They Could Stop AI Attacks - Infosecurity Magazine
Ransomware's New Era: Moving at AI Speed
Cyber Attacks Hit 93% of UK Critical Infrastructure as AI Threats Accelerate - IT Security Guru
Cybercriminals are Winning with AI - Security Boulevard
1 in 2 security leaders say they're not ready for AI attacks - 4 actions to take now | ZDNET
NCSC warns vibe coding poses a major risk to businesses | IT Pro
A nearly undetectable LLM attack needs only a handful of poisoned samples - Help Net Security
The Kill Chain Is Obsolete When Your AI Agent Is the Threat
AI Speeds Attacks, But Identity Remains Cybersecurity’s Weakest Link - SecurityWeek
SANS: Top 5 Most Dangerous New Attack Techniques to Watch
MSSPs Can’t Keep Up With AI-Driven Threats | news | MSSP Alert
Deepfake scams skyrocket. Can a safe word protect your family? | Cybernews
OpenClaw AI goes viral in China, raising cybersecurity fears - Asia Times
3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China - SecurityWeek
China moves to curb use of OpenClaw AI at banks, state agencies | The Straits Times
Stop telling AI your secrets - 5 reasons why, and what to do if you already overshared | ZDNET
The OWASP Top 10 for LLM Applications (2025): Explained Simply - Security Boulevard
Who owns AI agent access? At most companies, nobody knows - Help Net Security
Bots/Botnets
US Takes Down Botnets Used in Record-Breaking Cyberattacks | WIRED
Manager of botnet used in ransomware attacks gets 2 years in prison
How one man used 10,000 bots to steal $8,000,000 from music artists
Careers, Roles, Skills, Working in Cyber and Information Security
The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills
Cyber platformisation is a skills issue for security teams | Computer Weekly
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
Cyber Crime, Organised Crime & Criminal Actors
Why hackers almost never get caught | Cybernews
The rise of the cyber hacker - does clout matter more than cash? | TechRadar
Operation Henhouse Nets Over 500 Arrests in UK Fraud Crackdown - Infosecurity Magazine
Manager of botnet used in ransomware attacks gets 2 years in prison
Russian initial access broker jailed for 81 months in US • The Register
Data Breaches/Leaks
Hackers claim to have accessed data tied to millions of crime tipsters | Malwarebytes
Marquis Data Breach Affects 672,000 Individuals - SecurityWeek
Mazda discloses security breach exposing employee and partner data
HackerOne Employee Data Exposed in Massive Navia Breach - SecurityWeek
Data/Digital Sovereignty
Big Win for Open Source as Germany Backs Open Document Format
Open source is booming in Europe as enterprises look to strengthen digital autonomy | IT Pro
Denial of Service/DoS/DDoS
US Takes Down Botnets Used in Record-Breaking Cyberattacks | WIRED
International joint action disrupts world’s largest DDoS botnets
Encryption
Google moves post-quantum encryption timeline up to 2029 | CyberScoop
Fraud, Scams and Financial Crime
Operation Henhouse Nets Over 500 Arrests in UK Fraud Crackdown - Infosecurity Magazine
Industry Acts Against Fraud, but Government's Role Unclear
Fake app stores bypass sideloading restrictions using PWAs | Cybernews
Deepfake scams skyrocket. Can a safe word protect your family? | Cybernews
Google slows Android sideloading to trip up scammers - Help Net Security
Police take down 373,000 fake CSAM sites in Operation Alice
Man Used 373,000 Sites On Dark Web To Swindle Predators, Hackers
Scammers have virtual smartphones on speed dial for fraud • The Register
How one man used 10,000 bots to steal $8,000,000 from music artists
Phishers Pose as Palo Alto Networks' Recruiters in Job Scam
Identity and Access Management
AI Speeds Attacks, But Identity Remains Cybersecurity’s Weakest Link - SecurityWeek
Insider Risk and Insider Threats
Human Risk Multiplier: How Mobile Devices Expand Enterprise Attack Surfaces
It’s time cyber security understood human behavior and acted accordingly | TechRadar
Trio sentenced for facilitating North Korean IT worker scheme from their homes | CyberScoop
Ex-data analyst stole company data in $2.5M extortion scheme
Insurance
UK watchdog raises concerns over Jaguar Land Rover's cyber bailout | SC Media UK
Are nations ready to be the cybersecurity insurers of last resort? | CSO Online
Internet of Things – IoT
Cyberattack on vehicle breathalyzer company leaves drivers stranded across the US | TechCrunch
Law Enforcement Action and Take Downs
Operation Henhouse Nets Over 500 Arrests in UK Fraud Crackdown - Infosecurity Magazine
Why hackers almost never get caught | Cybernews
Trio sentenced for facilitating North Korean IT worker scheme from their homes | CyberScoop
US Takes Down Botnets Used in Record-Breaking Cyberattacks | WIRED
International joint action disrupts world’s largest DDoS botnets
Manager of botnet used in ransomware attacks gets 2 years in prison
NCA Boss Warns That Teens Are Being “Radicalized” Online - Infosecurity Magazine
Dark web platforms taken down in international operation | IT Pro
Alleged RedLine infostealer conspirator extradited to US | CyberScoop
Man Used 373,000 Sites On Dark Web To Swindle Predators, Hackers
Tycoon2FA phishing platform returns after recent police disruption
FBI seizes domains linked to Iran hackers after Stryker cyberattack
U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage
3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China - SecurityWeek
Linux and Open Source
Big Win for Open Source as Germany Backs Open Document Format
Open source is booming in Europe as enterprises look to strengthen digital autonomy | IT Pro
Malware
If You Own One Of These Popular Routers, The FBI Has A Serious Warning
Alleged RedLine infostealer conspirator extradited to US | CyberScoop
Trivy vulnerability scanner breach pushed infostealer via GitHub Actions
The New Turing Test: How Threats Use Geometry to Prove 'Humanness'
Chrome encryption bypass discovered: New malware steals passwords and cookies – Computerworld
GitHub-hosted malware campaign uses split payload to evade detection - Help Net Security
Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
FBI: Iranian hackers targeting opponents with Telegram malware | CyberScoop
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware
Mobile
Human Risk Multiplier: How Mobile Devices Expand Enterprise Attack Surfaces
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
Financial Brands Targeted in Global Mobile Banking Malware Surge - Infosecurity Magazine
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
Fake app stores bypass sideloading restrictions using PWAs | Cybernews
FBI: Iranian hackers targeting opponents with Telegram malware | CyberScoop
Google slows Android sideloading to trip up scammers - Help Net Security
iOS, macOS 26.4 Roll Out With Fresh Security Patches - SecurityWeek
Hong Kong police can now demand phone passwords under national security law
Models, Frameworks and Standards
NIST updates its DNS security guidance for the first time in over a decade - Help Net Security
The OWASP Top 10 for LLM Applications (2025): Explained Simply - Security Boulevard
Cyber Resilience Act (EU) - Security Boulevard
Outages
Microsoft Exchange Online service change causes email access issues
Passwords, Credential Stuffing & Brute Force Attacks
Chrome encryption bypass discovered: New malware steals passwords and cookies – Computerworld
Hong Kong police can now demand phone passwords under national security law
Regulations, Fines and Legislation
UK finance firms given 12 months to prepare for stricter cyber reporting | Cyprus Mail
US bans foreign-made internet routers over security concerns | The Independent
UK Law Update 2026: Key Legal Shifts and What They Mean - Law News
US government launches Bureau of Emerging Threats | Computer Weekly
Irish government launches CNI resilience plan | Computer Weekly
What was missing from the UK digital ID consultation? • The Register
Social Media
Software Supply Chain
Trivy vulnerability scanner breach pushed infostealer via GitHub Actions
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
Supply Chain and Third Parties
SANS: Top 5 Most Dangerous New Attack Techniques to Watch
TeamPCP deploys Iran-targeted wiper in Kubernetes attacks
Trivy’s March Supply Chain Attack Shows Where Secret Exposure Hurts Most - Security Boulevard
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks - Help Net Security
From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI - SecurityWeek
Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware - SecurityWeek
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Cyber warfare outstripping business defence capabilities
Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury - SecurityWeek
How Russian electronic warfare is forcing ships to abandon GPS
First cyberattacks of war hint at Iran's playbook against U.S.
Inside the Growing 'Cyber Invasion' Targeting the US
Iran war fallout is no longer confined to states - it now runs through companies | The National
Only Trump decides when cyberwar turns into real war • The Register
How CISOs Can Survive the Era of Geopolitical Cyberattacks
Nation State Actors
Inside the Growing 'Cyber Invasion' Targeting the US
Blame Game: Why Public Cyber Attribution Carries Risks
China
US regulator bans imports of new foreign-made routers, citing security concerns | Reuters
3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China - SecurityWeek
How Cyberattacks Can Turn Battery Farms Into Grid Blackouts
Hong Kong police can now demand phone passwords under national security law
OpenClaw AI goes viral in China, raising cybersecurity fears - Asia Times
China moves to curb use of OpenClaw AI at banks, state agencies | The Straits Times
Russia
How Russian electronic warfare is forcing ships to abandon GPS
Signal is being targeted by Russian hackers in a huge new phishing campaign, FBI says | TechRadar
Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376
FBI links Signal phishing attacks to Russian intelligence services
Manager of botnet used in ransomware attacks gets 2 years in prison
Russian initial access broker jailed for 81 months in US • The Register
Internet outages disrupt daily life in Russia, fueling fears of a digital crackdown | CNN
North Korea
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware
Trio sentenced for facilitating North Korean IT worker scheme from their homes | CyberScoop
Iran
Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury - SecurityWeek
First cyberattacks of war hint at Iran's playbook against U.S.
FBI seizes domains linked to Iran hackers after Stryker cyberattack
Stryker cyber attack: Employees still unable to work more than a week after hack - mlive.com
Handala Group Tied to Iranian Hack‑and‑Leak Operations, FBI Reveals - Infosecurity Magazine
Iran Hacktivists Make Noise but Have Little Impact on War
Iran war fallout is no longer confined to states - it now runs through companies | The National
TeamPCP deploys Iran-targeted wiper in Kubernetes attacks
FBI: Iranian hackers targeting opponents with Telegram malware | CyberScoop
French aircraft carrier Charles de Gaulle tracked via Strava activity in OPSEC failure
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Only Trump decides when cyberwar turns into real war • The Register
Tools and Controls
Enterprise Cybersecurity Software Fails 20% of the Time, Warns Report - Infosecurity Magazine
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
NCSC warns vibe coding poses a major risk to businesses | IT Pro
When confidence becomes a risk: The gap between cyber resilience readiness and reality | TechRadar
NIST updates its DNS security guidance for the first time in over a decade - Help Net Security
UK firms regret software spending as tool sprawl causes IT headaches | IT Pro
Enterprise PCs are unreliable, unpatched, and unloved • The Register
CISOs Debate Human Role in AI-Powered Security
The OWASP Top 10 for LLM Applications (2025): Explained Simply - Security Boulevard
MSSPs Can’t Keep Up With AI-Driven Threats | news | MSSP Alert
Using a single LLM tool for malware analysis leads to unreliable results - BetaNews
Top AI coding tools make mistakes one in four times, study shows
UK is set to lead multinational cyber defence exercise | UKAuthority
Google unleashes Gemini AI agents on the dark web • The Register
Other News
Cyber Attacks Hit 93% of UK Critical Infrastructure as AI Threats Accelerate - IT Security Guru
7,500+ Magento sites defaced in global hacking campaign
The UK’s cyber-security reckoning | The Independent
Blame Game: Why Public Cyber Attribution Carries Risks
The era of cheap technology could be over | IT Pro
New rules, rising threats: why lean IT teams must rethink cyber-security | The Independent
One year on from retail’s devastating cyber attacks, what’s changed? - Retail Gazette
Vulnerability Management
32% of top-exploited vulnerabilities are over a decade old - Help Net Security
Enterprise PCs are unreliable, unpatched, and unloved • The Register
Lightning-fast exploits mean patch fast, says Cisco Talos • The Register
Trivy vulnerability scanner breach pushed infostealer via GitHub Actions
Vulnerabilities
New KB5085516 emergency update fixes Microsoft account sign-in
Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks
Chrome encryption bypass discovered: New malware steals passwords and cookies – Computerworld
iOS, macOS 26.4 Roll Out With Fresh Security Patches - SecurityWeek
Telnet vulnerability opens door to remote code execution as root | CSO Online
Microsoft releases emergency fix for account internet error • The Register
Chrome 146 Update Patches High-Severity Vulnerabilities - SecurityWeek
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
MS update kills Microsoft account sign-ins in Windows 11 • The Register
Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376
PolyShell flaw exposes Magento and Adobe Commerce to file upload attacks
Apple details Safari 26.4 with 44 new features, 191 bug fixes, more - 9to5Mac
Patch now: TP-Link Archer NX routers vulnerable to firmware takeover
Critical Quest KACE Vulnerability Potentially Exploited in Attacks - SecurityWeek
QNAP fixed four vulnerabilities demonstrated at Pwn2Own Ireland 2025
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to external articles are provided for general interest and awareness only. Linking to or reposting external content does not constitute endorsement of or by any organisation, service, or product. We do not control and are not responsible for the content, security, or availability of external websites or links. Full credit is given to the original authors and sources. E&OE.