Black Arrow Cyber Threat Intelligence Briefing 31 October 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Executive Summary
This week, ransomware continues to underline the need for leaders to plan to prevent attacks and manage them effectively if the worst happens, with 40% of paying victims still unable to recover their data. SMEs face rising exposure as cyber criminals exploit weaker controls and limited recovery planning, showing that every organisation must understand its risk profile and response capability.
We see the UK financial regulator strengthening its stance on operational resilience, signalling growing expectations for leadership accountability. Business leaders are reassessing their exposure and security, but with a clear need to ensure perceptions of security reflect reality. Current threats include shadow AI, LinkedIn campaigns targeting executives, persistent malware, advanced phishing, and attackers constantly scanning potential victims for exploitable weaknesses.
These developments reinforce that resilience includes building security and preparing to manage an incident. Contact us to discuss how we help achieve this, including through impartial incident-response simulations that help leaders rehearse and objectively challenge their preparedness.
Top Cyber Stories of the Last Week
Ransomware Recovery Perils: 40% of Paying Victims Still Lose Their Data
A Hiscox survey of SMEs found that two in five organisations that pay ransoms still fail to recover their data. Ransomware attacks remain widespread, with 27% of firms hit in the past year and 80% paying in hopes of restoration. Experts say recovery often fails due to flawed encryption, corrupted backups and untested recovery plans. Paying rarely resolves the full breach, which may include data theft or GDPR implications. Strong preparation, tested backups, insurance and legal readiness are key to resilience.
Reacting Slowly to a Security Breach Opens up Your Business to More Threats, Report Warns
Barracuda’s latest research finds most organisations suffered at least one email breach in the past year and slow response hugely increases follow-on risk. The report links delayed containment with higher odds of ransomware and material business disruption, including reputational harm and lost opportunities. Small firms are hit hard as recovery costs scale per employee and teams struggle to detect and triage incidents within an hour. The authors call for quicker detection, automation in response and a unified approach to break entire attack chains rather than point-in-time fixes.
SMEs Unprepared to Defend Against Advanced Cyber Threats
Vodafone’s latest report warns that Irish SMEs are struggling to keep pace with AI-driven cyber threats. One in four firms could collapse after a single ransomware attack, and AI-powered scams are expected to drive a 50% rise in attack costs within three years. Only half of SMEs rank cyber security as a top priority, while 69% lack proper safeguards. With attackers cloning voices and creating adaptive malware, Vodafone urges practical defences such as training, multi-factor authentication and partnerships with expert providers.
Source: https://www.techcentral.ie/smes-unprepared-to-defend-against-advanced-cyber-threats/
UK Financial Regulator to Focus on Cyber Defence
The Financial Conduct Authority (FCA) signalled a sharper focus on cyber defence and technology as part of its role in safeguarding national security. Speaking to City leaders, chief executive Nikhil Rathi argued that modern conflict hits balance sheets and markets as much as battlefields, and that the regulator must adapt accordingly. The speech pointed to bolstering operational resilience, tackling systemic tech risks and ensuring boards treat cyber as a strategic threat. Firms should expect closer scrutiny of preparedness and clearer expectations for governance, detection and recovery.
The 10 Biggest Issues CISOs and Cyber Teams Face Today
This piece outlines the pressures security leaders say are hardest right now. Priorities include securing AI infrastructure and data, simplifying sprawling toolsets, addressing talent burnout and budget constraints, and improving basic hygiene while preparing for high-impact incidents. The article stresses that AI use is outpacing guardrails, that misaligned incentives impede progress, and that boards seek clearer metrics tied to business outcomes. Leaders are urged to invest in automation, uplift human factors and embed cyber risk into enterprise decision making with repeatable reporting that executives can act on.
The Cyber Security Perception Gap: Why Executives and Practitioners See Security Differently
The article highlights a widening gap between executive confidence and practitioner reality. Frontline teams report tool complexity, alert fatigue and skills shortages, while leaders assume capabilities are stronger and incidents rarer than they are. The author says this misalignment leads to underfunded controls and delayed responses. Recommendations include rationalising tools, automating routine tasks and establishing common risk language and measures that map to resilience outcomes. Greater transparency on near misses and recovery times is urged so investment tracks real exposure rather than assumed maturity.
Source: https://thehackernews.com/2025/10/the-cybersecurity-perception-gap-why.html
Shadow AI: One In Four Employees Use Unapproved AI Tools, Research Finds
A 1Password report found that 27% of employees use AI tools not approved by their organisation, making shadow AI the second most common form of shadow IT after email. While 73% of workers say their company supports AI use, many bypass policies for convenience or productivity. Risks include data leakage, compliance breaches and malware. The report urges firms to maintain an AI tool inventory, define clear usage policies and limit access to authorised platforms to manage accumulated exposure risks.
Source: https://www.infosecurity-magazine.com/news/shadow-ai-employees-use-unapproved/
LinkedIn Phishing Targets Finance Execs With Fake Board Invites
A phishing campaign on LinkedIn is targeting finance executives with fake invitations to join an investment fund. Messages link to malicious sites that mimic LinkedIn and Microsoft login pages, stealing credentials and session cookies through an adversary-in-the-middle setup. Push Security reports that 34% of phishing attempts now occur outside email, up from under 10% three months ago. Attackers use CAPTCHA and Cloudflare Turnstile to evade scanners. Experts urge executives to verify unexpected LinkedIn messages and avoid clicking shared links.
Social Engineering: Why the ClickFix Malware Attack Just Won’t Go Away
ClickFix remains stubborn because it persuades users to perform the risky action themselves, sidestepping many built-in protections. The article explains how browser prompts trick victims into copying and running commands that fetch malware, and describes FileFix as a related variant that uses File Explorer to trigger the same outcome. As the user initiates execution, technical controls may not trigger, so layered mitigations and user awareness are emphasised. The piece encourages stricter browser security policies and training that flags unusual copy-paste and command execution patterns.
Source: https://www.makeuseof.com/why-clickfix-malware-attack-just-wont-go-away/
New Phishing Attack Using Invisible Characters Hidden in Subject Line
Researchers observed attackers inserting invisible characters into email subject lines that bypass automated filters while appearing normal to users. The technique mixes MIME encoding and Unicode soft hyphens so keyword-based systems miss risky terms. It underscores how social engineering adapts when controls focus on predictable patterns. The article advises updating filter logic to normalise subject strings, strengthening multi-factor authentication, and coaching staff to treat odd formatting as a red flag. It also highlights the need to monitor for anomalies in the way messages appear in different email applications.
Source: https://cybersecuritynews.com/new-phishing-attack-using-invisible-characters/
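One way to apply the "normalise subject strings" advice above, shown as an added example that is not from this briefing or the cited article. It decodes MIME encoded-words and drops invisible format characters before keyword matching; the watch-list, function names and sample subject are assumptions constructed for illustration.

```python
import base64
import unicodedata
from dataclasses import dataclass
from email.errors import HeaderParseError
from email.header import decode_header, make_header

# Assumed watch-list for illustration; a real filter would use its own terms.
KEYWORDS = ("password", "invoice", "verify")


@dataclass
class SubjectVerdict:
    normalised: str    # text the keyword filter should match against
    hidden_chars: int  # invisible format characters that were removed
    hits: tuple        # watch-list terms found after normalisation


def normalise_subject(raw_subject: str) -> tuple[str, int]:
    """Decode RFC 2047 encoded-words, then strip invisible characters."""
    try:
        decoded = str(make_header(decode_header(raw_subject)))
    except (HeaderParseError, LookupError, UnicodeError):
        # Malformed encoding or unknown charset: match on the raw text
        # rather than letting the message skip the filter.
        decoded = raw_subject
    # NFKC folds compatibility forms (e.g. full-width letters) to plain ones.
    decoded = unicodedata.normalize("NFKC", decoded)
    # Unicode category "Cf" covers the soft hyphen (U+00AD), zero-width
    # space and joiners, and directional marks. They are dropped only from
    # this comparison copy, not from the delivered message.
    kept = [ch for ch in decoded if unicodedata.category(ch) != "Cf"]
    hidden = len(decoded) - len(kept)
    text = " ".join("".join(kept).split()).casefold()
    return text, hidden


def check_subject(raw_subject: str) -> SubjectVerdict:
    text, hidden = normalise_subject(raw_subject)
    hits = tuple(k for k in KEYWORDS if k in text)
    return SubjectVerdict(text, hidden, hits)


def sample_subject() -> str:
    """Constructed sample: soft hyphens inside words, base64 encoded-word."""
    visible = "Your pass\u00adword ex\u00adpires to\u00adday"
    payload = base64.b64encode(visible.encode("utf-8")).decode("ascii")
    return f"=?UTF-8?B?{payload}?="


if __name__ == "__main__":
    raw = sample_subject()
    print("raw header      :", raw)
    print("naive match     :", any(k in raw.lower() for k in KEYWORDS))
    verdict = check_subject(raw)
    print("normalised      :", verdict.normalised)
    print("hidden chars    :", verdict.hidden_chars)
    print("watch-list hits :", verdict.hits)
```

A non-zero `hidden_chars` count is worth logging as a signal in its own right, since ordinary subject lines rarely contain soft hyphens or zero-width characters.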
BT Warns of Soaring Cyber Threats Targeting UK Firms
BT reported a 300% surge in cyber surveillance, with UK businesses now scanned over 4,000 times daily for vulnerabilities. Professional services, retail, and hospitality sectors face the most ransomware activity, with smaller firms hardest hit. BT urges proactive measures to strengthen cyber resilience.
Source: https://www.lawnews.co.uk/cyber/bt-warns-of-soaring-cyber-threats/
Governance, Risk and Compliance
UK financial regulator to focus on cyber defence - UKTN
Enterprises can’t keep a lid on surging cyber incident costs | IT Pro
The Cybersecurity Perception Gap: Why Executives and Practitioners See Risk Differently
CISOs Finally Get a Seat at the Board's Table
BSI Warns of Looming AI Governance Crisis - Infosecurity Magazine
LinkedIn phishing targets finance execs with fake board invites
BT Data Reveals 300% Rise in Cyber Surveillance on Businesses
UK businesses scanned 4000 times a day by hackers - Insurance Post
SMEs unprepared to defend against advanced cyber threats - TechCentral.ie
CFOs Double Down on AI and Cybersecurity as Tariffs Emerge as Major New Threat
Do CISOs need to rethink service provider risk? | CSO Online
The Cybersecurity Shift Every Business Needs to Make Today
The 10 biggest issues CISOs and cyber teams face today | CSO Online
Cyber and AI Oversight Disclosures: What Companies Shared in 2025
70% of CISOs say internal conflicts more damaging than cyberattacks | CSO Online
Threats
Ransomware, Extortion and Destructive Attacks
Ransomware recovery perils: 40% of paying victims still lose their data | CSO Online
Insider Threats Loom while Ransom Payment Rates Plummet - Security Boulevard
QBE predicts 40% rise in ransomware incidents by 2026 | Insurance Times
1 in 4 SMEs face ransomware risk - Shelflife Magazine
New LockBit Ransomware Victims Identified by Security Researchers - Infosecurity Magazine
Why Britain is struggling to stop the ransomware cyberattacks | The Week
Qilin Ransomware Group Publishes Over 40 Cases Monthly - Infosecurity Magazine
Why ransomware group names don’t matter for defense | SC Media
Three Factors Determine Whether a Ransomware Group is Successful - Security Boulevard
Ransomware Hackers Look for New Tactics Amid Falling Profits
Ransomware hackers are now running Linux encryptors in Windows to stay undetected | TechRadar
Preparing for the Digital Battlefield of 2026: Ghost Identities, Poisoned Accounts, & AI Agent Havoc
Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks
Cisco, Citrix and SonicWall VPNs connected to higher risk of ransomware infections | TechRadar
Uncovering Qilin attack methods exposed through multiple cases
Surprised, Not Surprised, Ransomware Attacks Have Ticked Up - Security Boulevard
28% of Irish businesses risk closure with one ransomware attack
Pulling the plug: A way to halt a cyber attacker in your network? | Computer Weekly
Next-gen firewalls, VPNs can increase security risks: At-Bay • The Register
180 ransomware attacks plague education sector worldwide in 2025 through Q3 | K-12 Dive
Ransomware Victims
The costliest cyber attack in UK history | PQ Magazine
New LockBit Ransomware Victims Identified by Security Researchers - Infosecurity Magazine
Russian hackers threaten Dublin Airport | Cybernews
More Collins Aerospace Hacking Fallout - InfoRiskToday
TCS denies losing UK’s Marks & Spencer contract over £300 million cyberattack - The Economic Times
Qilin claims pharmacy benefit manager MedImpact | Cybernews
Ransomware gang claims Conduent breach: what you should watch for next | Malwarebytes
Phishing & Email Based Attacks
LinkedIn phishing targets finance execs with fake board invites
New Phishing Attack Bypasses Using UUIDs Unique to Bypass Secure Email Gateways
New CoPhish attack steals OAuth tokens via Copilot Studio agents
The 10 biggest issues CISOs and cyber teams face today | CSO Online
Fake LastPass death claims used to breach password vaults
How we linked ForumTroll APT to Dante spyware by Memento Labs | Securelist
Emerging Cyber Threats Featuring QR Codes ClickFix and LOLBins Challenging SOC Defenses
KnowBe4 Uncovers Surged Abuse of Legitimate Platforms by Cybercriminals in 2025
Smishing Triad Linked to 194,000 Malicious Domains in Global Phishing Operation
9 in 10 Exchange servers in Germany are out of support • The Register
ClickFix Infrastructure Surprises Inform Better Blocking
Google disputes false claims of massive Gmail data breach
Other Social Engineering
LinkedIn phishing targets finance execs with fake board invites
This new malware attack just wont go away
The 10 biggest issues CISOs and cyber teams face today | CSO Online
Fake LastPass death claims used to breach password vaults
Emerging Cyber Threats Featuring QR Codes ClickFix and LOLBins Challenging SOC Defenses
Smishing Triad Linked to 194,000 Malicious Domains in Global Phishing Operation
Hackers Use AI to Supercharge Social Engineering Attacks
ClickFix Infrastructure Surprises Inform Better Blocking
BiDi Swap: The bidirectional text trick that makes fake URLs look real
Google study finds Android avoids 58% more spam and scam texts compared to iOS
ICO fines sole trader for allegedly sending 1M spam texts • The Register
Fraud, Scams and Financial Crime
UK Fraud Cases Surge 17% Annually - Infosecurity Magazine
Europol Warns of Rising Threat From Caller ID Spoofing Attacks - Infosecurity Magazine
A Quarter of Scam Victims Have Considered Self-Harm - Infosecurity Magazine
Google study finds Android avoids 58% more spam and scam texts compared to iOS
Investment Scams Spread Across Asia With International Reach - Infosecurity Magazine
Artificial Intelligence
New CoPhish attack steals OAuth tokens via Copilot Studio agents
BSI Warns of Looming AI Governance Crisis - Infosecurity Magazine
AI browsers are the next big target for hackers - Cryptopolitan
AI chatbots are sliding toward a privacy crisis - Help Net Security
The 10 biggest issues CISOs and cyber teams face today | CSO Online
Hackers Use AI to Supercharge Social Engineering Attacks
Preparing for the Digital Battlefield of 2026: Ghost Identities, Poisoned Accounts, & AI Agent Havoc
Are AI browsers worth the security risk? Why experts are worried | ZDNET
Dark AI is fueling cybercrime — and accelerating the cybersecurity arms race - Big Think
AI writes code like a junior dev, and security is feeling it - Help Net Security
AI agents can leak company data through simple web searches - Help Net Security
Chatbots parrot Putin propaganda about Ukraine invasion • The Register
Your photo could be all AI needs to clone your voice - Help Net Security
One In Four Employees Use Unapproved AI Tools, Research Finds - Infosecurity Magazine
Get your news from AI? Watch out - it's wrong almost half the time | ZDNET
AI Search Tools Easily Fooled by Fake Content
First Zero Click Attack Exploits MCP and Connected Popular AI Agents To Exfiltrate Data Silently
One week to opt out or be fodder for LinkedIn AI training • The Register
2FA/MFA
X: Re-enroll 2FA security keys by November 10 or get locked out
Malware
This new malware attack just wont go away
Emerging Cyber Threats Featuring QR Codes ClickFix and LOLBins Challenging SOC Defenses
Infostealers Run Wild - DataBreachToday
Hackers steal Discord accounts with RedTiger-based infostealer
Hackers weaponize Telegram messenger with malware to gain system control - Cryptopolitan
Malicious NPM packages fetch infostealer for Windows, Linux, macOS
PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs
Defenses Need to Adapt, Because the Malware Already Did
DDoS, data theft, and malware are storming the gaming industry - Help Net Security
Bots/Botnets
Botnets Step Up Cloud Attacks Via Flaws, Misconfigs
Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices
Mobile
Android malware uses random text delays to look more human • The Register
Massive surge of NFC relay malware steals Europeans’ credit cards
Hackers weaponize Telegram messenger with malware to gain system control - Cryptopolitan
Europol Warns of Rising Threat From Caller ID Spoofing Attacks - Infosecurity Magazine
Google study finds Android avoids 58% more spam and scam texts compared to iOS
MPs urge UK government to stop phone theft wave through tech • The Register
Why the 5G symbol on your phone doesn't mean you actually have 5G - BBC News
Denial of Service/DoS/DDoS
Security hole slams Chromium browsers - no fix yet • The Register
DDoS, data theft, and malware are storming the gaming industry - Help Net Security
Russian Rosselkhoznadzor hit by DDoS attack, food shipments across Russia delayed
Internet of Things – IoT
Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices
How neighbors could spy on smart homes - Help Net Security
Data Breaches/Leaks
Infamous Cybercriminal Forum BreachForums Is Back Again With A New Clear Net Domain
List of Oracle EBS Attack Victims May Be Growing Longer
EY exposed 4TB SQL backup file to open web, researchers say • The Register
Hackers steal Discord accounts with RedTiger-based infostealer
F5 asserts limited impact from prolonged nation-state attack on its systems | CyberScoop
Hackers Allegedly Claim Breach Of HSBC USA Customers' Records Including Financial Details
Human impact of UK's Afghan data disaster revealed to MPs • The Register
When 183 Million Passwords Leak: How One Breach Fuels a Global Threat Chain - Security Boulevard
Email breaches are the silent killers of business growth - Help Net Security
First Zero Click Attack Exploits MCP and Connected Popular AI Agents To Exfiltrate Data Silently
Ransomware gang claims Conduent breach: what you should watch for next | Malwarebytes
What to Do About the Massive Gmail Password Data Leak
Marketing giant Dentsu warns staff after Merkle data raid • The Register
Hackers steal data of fashion retailer Mango’s customers • Graham Cluley
DDoS, data theft, and malware are storming the gaming industry - Help Net Security
Iran’s MOIS-linked Ravin Academy hit by data breach • The Register
UK lotto players land data jackpot thanks to website error • The Register
Organised Crime & Criminal Actors
Infamous Cybercriminal Forum BreachForums Is Back Again With A New Clear Net Domain
UK Fraud Cases Surge 17% Annually - Infosecurity Magazine
Insider Threats Loom while Ransom Payment Rates Plummet - Security Boulevard
72 states sign first global UN Convention against Cybercrime - Help Net Security
Europol Warns of Rising Threat From Caller ID Spoofing Attacks - Infosecurity Magazine
Two U.K. teenagers appear in court over Transport of London cyber attack – DataBreaches.Net
UN Cybercrime Treaty wins dozens of signatories • The Register
Insider Risk and Insider Threats
Insider Threats Loom while Ransom Payment Rates Plummet - Security Boulevard
Insider Threat Prevention - Security Boulevard
Data on Insider Threats Reveal Hidden Risk Patterns
Insurance
Cyber insurance demand rises as global tensions fuel surge in digital threats - BetaNews
New threats spike cyber insurance surge
Supply Chain and Third Parties
Do CISOs need to rethink service provider risk? | CSO Online
NYSDFS Guidance on Managing Risks to Third-Party Service Provider
Google Investigates Weekslong Security Breach Involving Contractor — The Information
UK leads global fight to stop ransomware attacks on supply chains - GOV.UK
Cloud/SaaS
Botnets Step Up Cloud Attacks Via Flaws, Misconfigs
Microsoft: DNS outage impacts Azure and Microsoft 365 services
What to Do About the Massive Gmail Password Data Leak
Germany issues hacked account checklist | Cybernews
Microsoft sued for allegedly tricking millions into Copilot M365 subscriptions
Microsoft Security Change for Azure Creates Pitfalls
Outages
Microsoft: DNS outage impacts Azure and Microsoft 365 services
Identity and Access Management
Active Directory at Risk Due to Domain-Join Account Misconfigurations
Encryption
Chrome to Make HTTPS Mandatory by Default in 2026 - Infosecurity Magazine
Linux and Open Source
Ransomware hackers are now running Linux encryptors in Windows to stay undetected | TechRadar
Ubuntu’s Kernel Vulnerability Let Attackers Escalate Privileges and Gain Root Access
Ultimate Guide to Open Source Security: Risks, Attacks & Defenses - Security Boulevard
Why open source may not survive the rise of generative AI | ZDNET
Passwords, Credential Stuffing & Brute Force Attacks
When 183 Million Passwords Leak: How One Breach Fuels a Global Threat Chain - Security Boulevard
Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark Forums - SecurityWeek
Social Media
LinkedIn phishing targets finance execs with fake board invites
Germany issues hacked account checklist | Cybernews
X: Re-enroll 2FA security keys by November 10 or get locked out
One week to opt out or be fodder for LinkedIn AI training • The Register
Regulations, Fines and Legislation
UK financial regulator to focus on cyber defence - UKTN
Government Shutdown Creates Lapse in Cyber Threat Information Sharing | Alston & Bird - JDSupra
Shutdown Sparks 85% Increase in US Gov't Cyberattacks
US cybersecurity progress is 'slipping,' report warns | American Banker
72 states sign first global UN Convention against Cybercrime - Help Net Security
UN Cybercrime Treaty wins dozens of signatories • The Register
Navigating EMEA Regulatory Compliance for Critical Infrastructure | IT Pro
Navigating NIS2: What Organisations Need to Know as EU Implementation Unfolds | Goodwin - JDSupra
ICO fines sole trader for allegedly sending 1M spam texts • The Register
New York’s Cyber Rules Ramp Up Pressure on Security Officers
Models, Frameworks and Standards
Navigating NIS2: What Organisations Need to Know as EU Implementation Unfolds | Goodwin - JDSupra
Careers, Working in Cyber and Information Security
Cyber Pros Needed: Securing the Middle Ground
Cross-border cooperation can help to tackle global cyber talent shortage
Top tips to prepare for a cybersecurity job interview
Law Enforcement Action and Take Downs
Infamous Cybercriminal Forum BreachForums Is Back Again With A New Clear Net Domain
Two U.K. teenagers appear in court over Transport of London cyber attack – DataBreaches.Net
72 states sign first global UN Convention against Cybercrime - Help Net Security
UN Cybercrime Treaty wins dozens of signatories • The Register
Europol Warns of Rising Threat From Caller ID Spoofing Attacks - Infosecurity Magazine
Ex-US cyber intel exec pleads guilty to selling spy tools to Russian broker | Reuters
Misinformation, Disinformation and Propaganda
Chatbots parrot Putin propaganda about Ukraine invasion • The Register
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
How China really spies on the UK in 2025 - BBC News
‘I am not a robot’: Russian hackers use fake CAPTCHA lures to deploy espionage tools | CSO Online
Shifting from reactive to proactive: Cyber resilience amid nation-state espionage | CyberScoop
Suspected Chinese snoops weaponize unpatched Windows flaw • The Register
Nation State Actors
China
How China really spies on the UK in 2025 - BBC News
F5 asserts limited impact from prolonged nation-state attack on its systems | CyberScoop
CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks
Suspected Chinese snoops weaponize unpatched Windows flaw • The Register
Britain Needs China’s Money. It Fears What Comes With It. - The New York Times
US company with access to biggest telecom firms uncovers breach by nation-state hackers | Reuters
China-linked hackers exploit patched ToolShell flaw to breach Middle East telecom
US Government Urges Total Ban of Our Most Popular Wi-Fi Router - CNET
Russia
‘I am not a robot’: Russian hackers use fake CAPTCHA lures to deploy espionage tools | CSO Online
Sanctions won’t stop cyberattacks, but they can still "bite" - Help Net Security
Chatbots parrot Putin propaganda about Ukraine invasion • The Register
Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks
Nation-State Cyber Ecosystems Weakened by Sanctions, Report Reveals - Infosecurity Magazine
Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets
Ex-US cyber intel exec pleads guilty to selling spy tools to Russian broker | Reuters
NBC Weapons: Russia Resorts to Chemical Warfare
Russian Rosselkhoznadzor hit by DDoS attack, food shipments across Russia delayed
Iran
Iran’s MOIS-linked Ravin Academy hit by data breach • The Register
North Korea
North Korean Hackers Attacking Unmanned Aerial Vehicle Industry to Steal Confidential Data
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign
SideWinder Hacking Group Uses ClickOnce-Based Infection Chain to Deploy StealerBot Malware
How we linked ForumTroll APT to Dante spyware by Memento Labs | Securelist
Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware
Tools and Controls
AI browsers are the next big target for hackers - Cryptopolitan
AI writes code like a junior dev, and security is feeling it - Help Net Security
Shifting from reactive to proactive: Cyber resilience amid nation-state espionage | CyberScoop
Active Directory at Risk Due to Domain-Join Account Misconfigurations
Cyber insurance demand rises as global tensions fuel surge in digital threats - BetaNews
The 10 biggest issues CISOs and cyber teams face today | CSO Online
Are AI browsers worth the security risk? Why experts are worried | ZDNET
AI browsers are a cybersecurity time bomb | The Verge
Cisco, Citrix and SonicWall VPNs connected to higher risk of ransomware infections | TechRadar
CFOs Double Down on AI and Cybersecurity as Tariffs Emerge as Major New Threat
Digital Risk Management Strategies
Why Early Threat Detection Is a Must for Long-Term Business Growth
The State of Exposure Management in 2025: Insights From 3,000+ Organizations
NYSDFS Guidance on Managing Risks to Third-Party Service Provider
Pulling the plug: A way to halt a cyber attacker in your network? | Computer Weekly
Next-gen firewalls, VPNs can increase security risks: At-Bay • The Register
Mozilla: New Firefox extensions must disclose data collection practices
CISA and NSA share tips on securing Microsoft Exchange servers
US Government Urges Total Ban of Our Most Popular Wi-Fi Router - CNET
Vulnerability Management
The State of Exposure Management in 2025: Insights From 3,000+ Organizations
Ultimate Guide to Open Source Security: Risks, Attacks & Defenses - Security Boulevard
9 in 10 Exchange servers in Germany are out of support • The Register
NHS quarantines devices as suppliers drag feet on Windows 11 • The Register
Vulnerabilities
List of Oracle EBS Attack Victims May Be Growing Longer
Microsoft Issues Emergency Patch for Windows Server Bug
CVE-2025-59287: Microsoft fixes critical WSUS flaw under active attack
Microsoft WSUS attacks hit 'multiple' orgs, Google warns • The Register
CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks
Suspected Chinese snoops weaponize unpatched Windows flaw • The Register
Ubuntu’s Kernel Vulnerability Let Attackers Escalate Privileges and Gain Root Access
Multiple Oracle VM VirtualBox Vulnerabilities Enables Complete Takeover Of VirtualBox
Year-Old WordPress Plugin Flaws Exploited to Hack Websites - SecurityWeek
Apache Tomcat Security Vulnerabilities Expose Servers to Remote Code Execution Attacks
OpenVPN Vulnerability Exposes Linux, MacOS Systems To Script Injection Attacks
New "Brash" Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL
Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware
Security hole slams Chromium browsers - no fix yet • The Register
Chrome 0-Day Vulnerability Actively Exploited in Attacks by Notorious Hacker Group
QNAP warns of critical ASP.NET flaw in its Windows backup software
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to external articles are provided for general interest and awareness only. Linking to or reposting external content does not constitute endorsement of or by any organisation, service, or product. We do not control and are not responsible for the content, security, or availability of external websites or links. Full credit is given to the original authors and sources. E&OE.