Black Arrow Cyber Threat Intelligence Briefing 09 May 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Executive Summary
Our review of threat intelligence this week reports that business email compromise and funds transfer fraud now account for 60% of cyber insurance claims, and that social engineering now accounts for the majority of cyber threats faced by individuals. Attackers continue to exploit human factors, for example posing as staff to manipulate help desks to grant access to systems as seen in the recent wave of cyber attacks in the UK retail sector. These incidents reinforce the critical importance of layered identity verification, rigorous staff awareness and crisis planning across all sectors.
The growing scale and cost of cyber attacks, now exceeding £64 billion annually for UK firms, highlights a pressing need for resilience over reactivity as a high percentage of affected companies enter insolvency proceedings or file for bankruptcy. Ransomware, social engineering, and password reuse result in operational and reputational harm. Organisations need dedicated cyber leadership, and to avoid a compliance-led approach. Proactive governance and stronger board accountability must become standard practice.
From boardroom data exposure to state-sponsored espionage risks linked to Chinese electric vehicles, the threat landscape is increasingly complex. We continue to warn that both SMEs and large enterprises face escalating risks from persistent attackers, many leveraging phishing-as-a-service platforms or exploiting geopolitical tensions. Now more than ever, cyber security must be embedded in leadership thinking, supply chain oversight, and incident readiness.
Top Cyber Stories of the Last Week
Email-Based Attacks Top Cyber Insurance Claims
Coalition’s 2025 Cyber Claims Report found that business email compromise and funds transfer fraud (FTF) made up 60% of all claims in 2024, with BEC incidents alone averaging $35,000 per event. While ransomware losses were far higher at $292,000 on average, their severity dropped by 7%. Email-based attacks remain the most persistent risk, with nearly a third of BEC incidents also leading to FTF.
Hackers Pose as Staff in UK Retail Cyber Strikes
The UK’s National Cyber Security Centre (NCSC) has issued a critical alert following a wave of cyber attacks targeting major retailers, including M&S, Co-op and Harrods. Criminals posed as IT staff or locked-out employees to manipulate help desk staff into resetting passwords, allowing unauthorised access to internal systems. The attackers, identifying as “DragonForce”, claimed responsibility for data breaches and appear to use methods similar to those of other financially motivated threat groups. The NCSC is urging firms to tighten authentication for help desk processes, particularly for senior staff, and to adopt multi-factor checks and identity code words.
High Profile UK Cyber Attacks Underscore the Case for Resilience over Reactivity
The series of recent cyber attacks on major UK retailers highlights the growing complexity and impact of digital threats. Disruption has ranged from payment failures and warehouse shutdowns to reputational damage, underscoring that cyber resilience is now critical to business continuity. Experts stress that traditional, compliance-led approaches are no longer enough; organisations must adopt Zero Trust principles, enforce multi-factor authentication, and monitor third-party access. With techniques such as credential theft and ransomware increasingly used, cyber security must be treated as a board-level issue embedded in governance, operations and crisis planning.
Cyber Attacks Are Costing UK Firms Billions Every Year: Ransom Payments, Staff Overtime, and Lost Business Are Crippling Victims
Cyber attacks are costing UK businesses £64 billion annually, with over half suffering at least one attack in the past year. Phishing, malware, and online banking threats were the most common, and nearly two-thirds cited staff overtime as a major cost. Direct losses totalled £37 billion, with indirect impacts like increased cyber security budgets and lost clients adding over £26 billion more. Alarmingly, 1 in 8 affected firms entered administration. Despite this, 15% of businesses have no cyber security budget, and nearly half manage risks entirely in-house, underscoring the urgent need for proactive investment in cyber resilience.
Don’t Plug Phones into Chinese Electric Cars, Defence Firms Warn
Defence and intelligence firms are warning staff not to connect phones via cable or Bluetooth to Chinese-made electric vehicles due to fears of state-sponsored espionage. The UK Ministry of Defence has already restricted EV access on military sites, citing findings from the Defence Science and Technology Laboratory that EVs may pose national security risks. Defence suppliers including BAE Systems and Rolls-Royce are advising precautions as all connected vehicles potentially expose sensitive data to foreign interception.
94% of Leaked Passwords Are Not Unique
A new study of over 19 billion leaked passwords has found that 94% are reused or duplicated, leaving users highly vulnerable to cyber attacks. Common entries like “123456”, “admin”, and “password” remain prevalent, with over 700 million instances of “1234” alone. Many systems still rely on default credentials, which users often fail to change. Only 6% of passwords were found to be unique and relatively secure. The report highlights the urgent need for organisations to enforce strong password policies, promote the use of password managers and multi-factor authentication, and regularly monitor for credential leaks.
Personal Data of Top Executives Easily Found Online
Incogni has found that over 75% of corporate board members have personal information including home addresses and family links readily available on people search websites. Exposure is highest in consumer staples (84%), industrials (81%), and technology (77%) sectors, with 26% of board members appearing on more than 20 such sites. Notably, exposure is unrelated to company size, affecting firms with revenues both above $50 billion and below $10 billion equally. The report warns that any organisation, regardless of profile, could face reputational or security risks if senior leaders’ private data remains unprotected online.
The SMB Cyber Security Gap: High Awareness, Low Readiness
CrowdStrike’s latest survey reveals that while 90% of small and midsize business (SMB) leaders recognise cyber threats as a business risk, only 42% provide regular cyber security training. Cost remains the top barrier to better protection, with two-thirds citing it as their primary challenge, yet cutting corners often results in ineffective defences. Smaller firms are disproportionately vulnerable, with 75% of micro-businesses admitting a ransomware attack could shut them down. The report urges stronger vendor support and practical guidance to help SMBs close this growing readiness gap.
How Cyber Criminals Exploit Psychological Triggers in Social Engineering Attacks
Avast reports that social engineering now accounts for the majority of cyber threats faced by individuals in 2024. These attacks exploit human psychology using authority, urgency, and familiarity to bypass technical controls, with tactics ranging from phishing and fake system prompts to deepfake video calls. One such attack resulted in the theft of over $25 million from a global firm. Even security experts are being caught out, highlighting the sophistication of these scams. The report underscores the need for strong identity verification, multi-factor authentication, and regular staff training to mitigate the growing risks posed by these increasingly deceptive methods.
Darcula Phishing as a Service Operation Snares 800,000+ Victims
A sophisticated phishing-as-a-service operation known as Darcula has enabled cyber criminals to compromise over 880,000 payment cards in just seven months. Targeting mobile users globally through SMS, RCS and iMessage, the operation impersonates trusted brands to deceive victims into submitting sensitive information. Researchers uncovered a toolkit named “Magic Cat” at the core of the operation, designed to support non-technical actors with ready-made templates and real-time data streaming. With an estimated 600 cyber crime groups using the platform, law enforcement agencies across multiple jurisdictions have been alerted to the growing threat.
Cyber Criminals Hold Britain’s Boardrooms to Ransom
Cyber attacks have impacted over half of UK firms with ransomware the most damaging threat. High-profile breaches, such as the one affecting M&S, highlight how attacks can cripple operations for weeks and damage share value: M&S alone saw a billion wiped from its market cap. Experts warn that hybrid working, third-party suppliers, and boardroom inexperience are compounding risks, as only 26% of company boards now include a director with cyber responsibility. Despite rising adoption of cyber insurance, it is no substitute for robust cyber security controls.
UK at Risk of Russian Cyber and Physical Attacks as Ukraine Seeks Peace Deal
The UK faces an increasing threat from Russian cyber and physical sabotage as Ukraine moves closer to a peace deal, according to the head of the National Cyber Security Centre. Over 200 cyber incidents have been managed since September 2024, with twice as many nationally significant cases compared to the previous year. Russian intelligence is reportedly using criminal proxies to carry out sabotage, while Iranian, North Korean, and Chinese actors also pose growing risks. The UK government warns that hostile states are using cyber attacks to pursue strategic objectives, often operating in the “grey zone” with plausible deniability.
Sources:
https://www.darkreading.com/cyber-risk/email-based-attacks-cyber-insurance-claims
https://www.scworld.com/brief/hackers-pose-as-it-staff-in-uk-retail-cyber-strikes
https://www.itpro.com/security/cyber-attacks/cyber-attacks-cost-uk-firms-64-billion-each-year
https://www.helpnetsecurity.com/2025/05/07/corporate-directors-personal-information-online/
https://www.msspalert.com/news/the-smb-cybersecurity-gap-high-awareness-low-readiness
https://www.helpnetsecurity.com/2025/05/06/social-engineering-human-behavior/
https://www.infosecurity-magazine.com/news/darcula-phishing-as-a-service/
Governance, Risk and Compliance
UK firms have ‘alarming gaps’ in cyber security readiness | The Standard
UK retail cyber-attacks underscore the case for resilience over reactivity
UK given cyber wake-up call as government looks to act
Government to unveil new cyber security measures after wave of attacks | The Standard
Are You Too Reliant on Third-Party Vendors for Cyber Security? - Security Boulevard
Personal data of top executives easily found online - Help Net Security
The SMB Cyber Security Gap: High Awareness, Low Readiness | MSSP Alert
Building a resilient mindset | The Independent
Cyber resilience is the strategy: Why business and security must align now | SC Media
How CISOs can talk cyber security so it makes sense to executives - Help Net Security
CIOs pay too much for not enough IT security | CIO Dive
CISO vs CFO: why are the conversations difficult? | CSO Online
CISOs Transform Into Business-Critical Digital Risk Leaders
Global cyber security readiness remains critically low - Help Net Security
81% of High-Uncertainty Middle-Market Firms Delay Tech Initiatives
Threats
Ransomware, Extortion and Destructive Attacks
UK businesses lost £64bn to cyber-attacks over a three-year period - UKTN
Don't pay hackers: Cyber Security chief's warning after major retail attacks | ITV News
Cyber Attacks on Critical Infrastructures Makes Us Very Vulnerable - Security Boulevard
Why Ransomware Isn’t Just a Technology Problem (It’s Worse) - Security Boulevard
Ransomware spike exposes cracks in cloud security - Help Net Security
Have Cyber Insurance? The Preferred Victims Of Ransomware Attackers - Above the Law
New "Bring Your Own Installer" EDR bypass used in ransomware attack
Play ransomware exploited Windows logging flaw in zero-day attacks
Govt to inject £16m into retail cyber security
LockBit ransomware gang hacked, victim negotiations exposed
Qilin Has Emerged as The Top Ransomware Group in April with 74 Cyber Attacks
Ransomware Attackers Leveraged Privilege Escalation Zero-day | Symantec Enterprise Blogs
Coalition 2025 Cyber Claims Report Finds Ransomware Stabilized but Remains Costly for Businesses
Ukrainian Nefilim Ransomware Affiliate Extradited to US - SecurityWeek
US Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems
Kickidler employee monitoring software abused in ransomware attacks
470 Ransomware Attacking in 2025, Qilin Remains Dominant Followed by Silent & Crypto24
Ransomware Victims
Despite Arrests, Scattered Spider Continues Hacking
Britain to warn companies cyber security must be 'absolute priority' - The Economic Times
Cyber criminals hold Britain's boardrooms to ransom | This is Money
M&S hackers tricked IT help desk workers to access company systems, says report | The Independent
Inside DragonForce, the Group Tied to M&S, Co-op and Harrods Hacks - Infosecurity Magazine
Co-op cyber attack: supermarket cuts off store deliveries amid food shortage fears
UK retailers under attack: why hackers hit household names
Why Are So Many UK Supermarkets Getting Hacked? | HuffPost UK Life
IT warning after hackers close 160-year-old firm in Kettering - BBC News
Banking Customer Data Exposed Following Ransomware Attack on Vendor | MSSP Alert
Co-op left with empty shelves as it battles cyber attack
Marks & Spencer losses hit £1bn in wake of devastating cyber attacks | This is Money
Rhysida Ransomware gang claims the hack of the Government of Peru
West Lothian schools hit by ransomware cyber attack - BBC News
Lessons Learned from the Blackbaud Hack and Legal Fallout
German drinks group Oettinger confirms cyber attack - Just Drinks
After Hacking 60M Kids for Ransom, PowerSchool Attackers Extort Teachers
TDSB says it got ransom demand over stolen student data not destroyed in cyber security incident
Masimo Manufacturing Facilities Hit by Cyber Attack - SecurityWeek
Phishing & Email Based Attacks
Gen AI is great at phishing, pig butchering scams • The Register
'Venom Spider' Targets Hiring Managers in Phishing Scheme
Beyond the hook: How phishing is evolving in the world of AI | Computer Weekly
Darcula Phishing as a Service Operation Snares 800,000+ Victims - Infosecurity Magazine
Microsoft enforces strict rules for bulk emails on Outlook - gHacks Tech News
Ransomware costs ease but email-based attacks dominate, Coalition reports - Reinsurance News
'CoGUI' Phishing Kit Helps Chinese Hackers Target Japan
Sophisticated Phishing Attack Abuses Discord & Attacked 30,000 Users
Business Email Compromise (BEC)/Email Account Compromise (EAC)
Majority of cyber insurance ransomware claims are due to BEC
Email-Based Attacks Top Cyber Insurance Claims
Other Social Engineering
How cyber criminals exploit psychological triggers in social engineering attacks - Help Net Security
Hackers pose as IT staff in UK retail cyber strikes | SC Media
Marks & Spencer losses hit £1bn in wake of devastating cyber attacks | This is Money
Cyber attack on M&S should be 'wake-up call', minister warns | Politics News | Sky News
Personal data of top executives easily found online - Help Net Security
Darcula PhaaS steals 884,000 credit cards via phishing texts
North Korean hackers show telltale signs, researchers say | SC Media
The many variants of the ClickFix social engineering tactic - Help Net Security
Wave of tech layoffs leads to more job scams - Help Net Security
How to spot and expose fraudulent North Korean IT workers | TechTarget
Crypto scammers abuse X ads with spoofed links | Cybernews
Fraud, Scams and Financial Crime
Gen AI is great at phishing, pig butchering scams • The Register
Digital welfare fraud: ALTSRUS syndicate exploits the financially vulnerable - Help Net Security
Darcula PhaaS steals 884,000 credit cards via phishing texts
Wave of tech layoffs leads to more job scams - Help Net Security
Artificial Intelligence
Gen AI is great at phishing, pig butchering scams • The Register
UK Warns of AI-Based Attacks Against Critical Infrastructure
UK critical systems at risk from ‘digital divide’ created by AI threats | Computer Weekly
1 in 3 workers keep AI use a secret - Help Net Security
Beyond the hook: How phishing is evolving in the world of AI | Computer Weekly
Cisco sounds the alarm over AI security threats
Global cyber security readiness remains critically low - Help Net Security
AI vs. AI: Both Friend and Foe in Cyber Security - EE Times
Most CEOs find their C-suite lacks much-needed 'AI-savvy' | ZDNET
2FA/MFA
Nation-State Actors Continue to Exploit Weak Passwords, MFA
Malware
Hackers Using Weaponized PDF To Deliver Remcos RAT Malware on Windows
StealC malware enhanced with stealth upgrades and data theft tools
Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data
Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times
Linux wiper malware hidden in malicious Go modules on GitHub
Activated Magento Backdoor Hits Up to 1,000 Online Stores
Google identifies new malware linked to Russia-based hacking group | Reuters
Macs under threat from thousands of hacked sites spreading malware — how to stay safe | Tom's Guide
The many variants of the ClickFix social engineering tactic - Help Net Security
Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
Supply chain attack hits npm package with 45,000 weekly downloads
Crypto scammers abuse X ads with spoofed links | Cybernews
Your USB Cable Or Device Could Be Hiding Malicious Hardware: Here's How To Stay Safe
Disney Slack hacker was Californian, not Russian: DoJ • The Register
Bots/Botnets
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet
Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet - SecurityWeek
Mobile
Apple issues mercenary spyware threat notifications | Security Magazine
Why Android users should care more about monthly security updates
Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
Google fixes actively exploited FreeType flaw on Android
Google Confirms Android Attack Warnings — Powered By AI
Denial of Service/DoS/DDoS
Europol Take Down DDoS-for-Hire Empire & Arrested 4 Admins
Europol Announces More DDoS Service Takedowns, Arrests - SecurityWeek
Internet of Things – IoT
Don’t plug phones into Chinese electric cars, defence firms say
Hackers Manage To Take Control of Nissan Leaf's Steering Remotely
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet
Please stop exposing your IoT devices on the internet; your smart light might betray you
Data Breaches/Leaks
Dating app Raw exposed users' location data and personal information | TechCrunch
Signal clone used by Trump official stops operations after report it was hacked - Ars Technica
The Signal Clone Mike Waltz Was Caught Using Has Direct Access to User Chats | WIRED
UK Legal Aid Agency investigates cyber security incident
VC firm Insight Partners confirms personal data stolen during January hack | TechCrunch
Education giant Pearson hit by cyber attack exposing customer data
Hegseth bypassed Pentagon security with dirty line
Texas School District Notifies Over 47,000 People of Major Data Breach - Infosecurity Magazine
Organised Crime & Criminal Actors
Despite Arrests, Scattered Spider Continues Hacking
War on cyber crime: why disrupting attacker infrastructure is critical for security
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data
Crypto scammers abuse X ads with spoofed links | Cybernews
Insider Risk and Insider Threats
How cyber criminals exploit psychological triggers in social engineering attacks - Help Net Security
North Korean hackers show telltale signs, researchers say | SC Media
How to spot and expose fraudulent North Korean IT workers | TechTarget
The Most Pressing Security Threat to Business is Hidden in Plain Sight - Security Boulevard
Insurance
Email-Based Attacks Top Cyber Insurance Claims
UK Cyber Insurance Claims Second Highest on Record - Infosecurity Magazine
Have Cyber Insurance? The Preferred Victims Of Ransomware Attackers - Above the Law
A guide to cyber liability insurance for a small business
ABA & Cyber Insurance: Essential IT Requirements for Small Law Firms - LexBlog
Supply Chain and Third Parties
Magento supply chain attack compromises hundreds of e-stores
EY Survey Reveals Rising Cyber Threats from Third-Party Supply Chain Risks
Banking Customer Data Exposed Following Ransomware Attack on Vendor | MSSP Alert
Supply chain attack hits npm package with 45,000 weekly downloads
Activated Magento Backdoor Hits Up to 1,000 Online Stores
Cloud/SaaS
Ransomware spike exposes cracks in cloud security - Help Net Security
New Microsoft 365 outage impacts Teams and other services
Outages
New Microsoft 365 outage impacts Teams and other services
Encryption
After Signal controversy, do private conversations online exist anymore? | CyberScoop
WhatsApp provides no cryptographic management for group messages - Ars Technica
Just 5% of Enterprises Have Deployed Quantum-Safe Encryption - Infosecurity Magazine
Linux and Open Source
Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the US | WIRED
Linux wiper malware hidden in malicious Go modules on GitHub
DoD announces overhaul of 'outdated' software procurement • The Register
Passwords, Credential Stuffing & Brute Force Attacks
A whopping 94% of leaked passwords are not unique - will you people ever learn? | ZDNET
A review of 19 billion passwords reveals people are still bad at them | Mashable
Third of Online Users Hit by Account Hacks Due to Weak Passwords - Infosecurity Magazine
Nation-State Actors Continue to Exploit Weak Passwords, MFA
Microsoft sets all new accounts passwordless by default
If we don’t take cyber security seriously, maybe AI will | Cybernews
Social Media
Crypto scammers abuse X ads with spoofed links | Cybernews
Ireland's DPC fined TikTok €530M for sending EU user data to China
Trump promises protection for TikTok as sale deadline nears • The Register
TikTok Fined €530 Million Over Chinese Access to EU Data
Regulations, Fines and Legislation
UK firms have ‘alarming gaps’ in cyber security readiness | The Standard
UK given cyber wake-up call as government looks to act
UK Government to unveil new cyber security measures after wave of attacks | The Standard
What NY's New Security Rules Mean for Finance Firms
What a future without CVEs means for cyber defence - Help Net Security
Ireland's DPC fined TikTok €530M for sending EU user data to China
The nation’s cyber community is quietly rebelling against Trump’s changes - POLITICO
Cut CISA & Everyone Pays for It
Offensive cyber security to be emphasized by Trump admin, official says | SC Media
TikTok Fined €530 Million Over Chinese Access to EU Data
Signal app clone used by Trump's administration was hacked in less than 30 mins - SiliconANGLE
White House Proposal Slashes Half-Billion From CISA Budget - SecurityWeek
Sen. Murphy: Trump administration has ‘illegally gutted funding for cyber security’ | CyberScoop
The Signal Clone Mike Waltz Was Caught Using Has Direct Access to User Chats | WIRED
The Trump Administration Sure Is Having Trouble Keeping Its Comms Private | WIRED
Models, Frameworks and Standards
UK Cyber Essentials Certification Numbers Falling Short - Infosecurity Magazine
Data Protection
Ireland's DPC fined TikTok €530M for sending EU user data to China
Careers, Working in Cyber and Information Security
The 14 most valuable cyber security certifications | CSO Online
Europe leads shift from cyber security ‘headcount gap’ to skills-based hiring | Computer Weekly
Law Enforcement Action and Take Downs
Despite Arrests, Scattered Spider Continues Hacking
War on cyber crime: why disrupting attacker infrastructure is critical for security
Israel Nabs Suspect Sought by US Over $190M Nomad Bridge Exploit: Report - Decrypt
Polish authorities arrested 4 people behind DDoS-for-hire platforms
Europol Take Down DDoS-for-Hire Empire & Arrested 4 Admins
Three Brits charged over US, Canada swattings • The Register
Ukrainian Nefilim Ransomware Affiliate Extradited to US - SecurityWeek
US Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems
Disney Slack hacker was Californian, not Russian: DoJ • The Register
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Cyber Warfare's Limitations: Lessons for Future Conflicts
41 Countries Taking Part in NATO's Locked Shields 2025 Cyber Defence Exercise - SecurityWeek
Cyber Warfare Funding Accelerates and Everyone is at Risk - Security Boulevard
Nuclear warheads and cyber attacks: How UK must react to Russia threat
Could striking first in cyber be new Pentagon policy? - Defense One
Countries Begin NATO's Locked Shields Cyber-Defence Exercise
Nation State Actors
Nation-State Actors Continue to Exploit Weak Passwords, MFA
Hostile nation states are ramping up cyber attacks on UK, warns GCHQ | This is Money
China
Don’t plug phones into Chinese electric cars, defence firms say
White House Warns China of Cyber Retaliation Over Infrastructure Hacks - Infosecurity Magazine
Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
'CoGUI' Phishing Kit Helps Chinese Hackers Target Japan
Ireland's DPC fined TikTok €530M for sending EU user data to China
TikTok Fined €530 Million Over Chinese Access to EU Data
Trump promises protection for TikTok as sale deadline nears • The Register
Russia
UK at risk of Russian cyber and physical attacks as Ukraine seeks peace deal
Nuclear warheads and cyber attacks: How UK must react to Russia threat
Google identifies new malware linked to Russia-based hacking group | Reuters
Poland says Russia is trying to interfere in presidential election | Reuters
Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the US | WIRED
Pro-Russian hackers claim to have targeted several UK websites | Cybercrime | The Guardian
Convicted Russian spies attended Brexit event in Parliament - BBC News
North Korea
North Korean hackers show telltale signs, researchers say | SC Media
How to spot and expose fraudulent North Korean IT workers | TechTarget
Tools and Controls
Email-Based Attacks Top Cyber Insurance Claims
UK retail cyber-attacks underscore the case for resilience over reactivity
Building a resilient mindset | The Independent
Cyber resilience is the strategy: Why business and security must align now | SC Media
Security Tools Alone Don't Protect You — Control Effectiveness Does
Personal data of top executives easily found online - Help Net Security
Are You Too Reliant on Third-Party Vendors for Cyber Security? - Security Boulevard
41 Countries Taking Part in NATO's Locked Shields 2025 Cyber Defence Exercise - SecurityWeek
Hacker Finds New Technique to Bypass SentinelOne EDR Solution - Infosecurity Magazine
How CISOs can talk cyber security so it makes sense to executives - Help Net Security
CIOs pay too much for not enough IT security | CIO Dive
CISO vs CFO: why are the conversations difficult? | CSO Online
What it really takes to build a resilient cyber program - Help Net Security
A guide to cyber liability insurance for a small business
How OSINT supports financial crime investigations - Help Net Security
Microsoft enforces strict rules for bulk emails on Outlook - gHacks Tech News
81% of High-Uncertainty Middle-Market Firms Delay Tech Initiatives
How to use PC sandbox apps to test dubious files safely | PCWorld
Countries Begin NATO's Locked Shields Cyber-Defence Exercise
ABA & Cyber Insurance: Essential IT Requirements for Small Law Firms - LexBlog
Reports Published in the Last Week
Other News
UK businesses lost £64bn to cyber-attacks over a three-year period - UKTN
Hostile nation states are ramping up cyber attacks on UK, warns GCHQ | This is Money
The SMB Cyber Security Gap: High Awareness, Low Readiness | MSSP Alert
"Nationally Significant" Cyber-Attacks Have Doubled, UK’s NCSC Reports - Infosecurity Magazine
UK Cyber Insurance Claims Second Highest on Record - Infosecurity Magazine
Half of Irish firms have fallen victim to cyber crime in past five years
Delta Air Lines class action cleared for takeoff • The Register
US tells CNI orgs to stop connecting OT kit to the web | Computer Weekly
US government warns of "unsophisticated" hackers targeting oil and gas systems | TechRadar
Almost half of Flemish companies suffered cyber attack last year
Cyber Attacks Targeting US Increased by 136% | Security Magazine
Countries Begin NATO's Locked Shields Cyber-Defence Exercise
Vulnerability Management
Why Android users should care more about monthly security updates
What a future without CVEs means for cyber defence - Help Net Security
Cut CISA & Everyone Pays for It
White House Proposal Slashes Half-Billion From CISA Budget - SecurityWeek
Life Without CVEs? It's Time to Act
Vulnerabilities
Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
PoC Published for Exploited SonicWall Vulnerabilities - SecurityWeek
Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
Hackers Selling SS7 0-Day Vulnerability on Hacker Forums for $5000
Second Wave of Attacks Targets SAP NetWeaver | MSSP Alert
Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT
Cisco Patches 35 Vulnerabilities Across Several Products - SecurityWeek
FBI: End-of-life routers hacked for cyber crime proxy networks
Researcher Says Fixed Commvault Bug Still Exploitable
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet - SecurityWeek
Apache Parquet exploit tool detect servers vulnerable to critical flaw
Microsoft Warns of Attackers Exploiting Misconfigured Apache Pinot Installations - SecurityWeek
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.