Black Arrow Cyber Threat Intelligence Briefing 16 May 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Executive Summary
There has been a continued rise in the sophistication and scale of social engineering threats, particularly phishing campaigns enhanced by generative AI. These attacks increasingly bypass traditional filters and exploit executive impersonation, with one malicious email now detected every 42 seconds. Simultaneously, criminal groups are embedding themselves within corporate environments for prolonged periods, enabled by ransomware-as-a-service and AI-driven deception. This underscores the need for continuous monitoring, behaviour-based threat detection, and stronger identity verification practices across organisations.
Meanwhile, the global cyber threat landscape is becoming more fragmented and unpredictable. Ransomware gangs are operating without clear allegiances, making extortion attempts more erratic and harder to trace. At the same time, state-aligned actors, including North Korean IT operatives, are covertly infiltrating Western businesses under fake identities, exploiting remote work trends to fund illicit national objectives. Despite growing investment, nearly three-quarters of CISOs admit incidents caused by unknown or unmanaged assets—highlighting the critical importance of full visibility across the digital estate.
We believe boards must move from passive oversight to active engagement. The UK’s new Cyber Governance Code of Practice reflects this shift, encouraging directors to treat cyber risk as integral to business resilience. As threats intensify, governance, testing, and strategic communication must become core pillars of cyber readiness.
Top Cyber Stories of the Last Week
Thousands of UK Companies 'Could Have M&S-Style Hackers Waiting in Their Systems'
There are warnings that a growing number of UK businesses may already be compromised, with attackers silently embedded in their systems awaiting the right moment to strike. This follows a surge in high-profile incidents including M&S, the Coop, Dior and Harrods, linked to an evolution of criminal tactics. The emergence of ‘ransomware-as-a-service’ is enabling less skilled actors to launch sophisticated attacks using pre-built tools. Combined with generative AI-enhanced social engineering, the risk landscape is becoming more unpredictable. Many firms remain unaware of these intrusions until damage is done, highlighting the urgent need for continuous monitoring and stronger internal controls.
North Korean IT Workers Are Being Exposed on a Massive Scale, Potentially Thousands of Businesses Infiltrated
North Korean IT workers are increasingly infiltrating Western businesses by posing as legitimate remote developers, generating hundreds of millions of dollars annually to fund the regime’s weapons programmes and evade sanctions. A new report has exposed over 1,000 email addresses linked to these operations, with individuals often using fake identities, AI tools, and face-changing software to secure roles. Despite operating globally from Laos to Russia, many leave digital trails that reveal their activities. The scale and adaptability of these operations, likened to a state-run crime syndicate, underline the need for tighter scrutiny of remote hiring and identity verification processes.
‘They Yanked Their Own Plug’: How Co-op Averted an Even Worse Cyber Attack
The UK supermarket chain Co-op appears to have avoided a more severe cyber attack by rapidly disconnecting its systems after detecting malicious activity, a decision that disrupted operations but ultimately prevented ransomware deployment. In contrast, M&S suffered greater system compromise, with ongoing issues affecting online orders and store operations. The incident is costing M&S an estimated £43 million per week. The cyber crime group responsible, linked to a service known as DragonForce, claims to have accessed both retailers’ networks. Co-op’s swift response is viewed by experts as a decisive move that limited long-term damage but highlighted the continuing challenge of restoring public trust.
UK Government Publishes New Software and Cyber Security Codes of Practice
The UK government has introduced two new voluntary codes to help raise standards in cyber security and software resilience. The Cyber Governance Code of Practice, aimed at boards and directors of medium and large organisations, sets out how leadership teams should govern and monitor cyber security risks. It encourages directors to embed cyber governance into business risk management, focusing on oversight rather than operational duties. Complementing this, the Software Security Code of Practice outlines 14 principles for secure software development and maintenance, aligned with international frameworks. While voluntary, both codes may soon influence contractual requirements in supply chains.
Ransomware and the Board’s Role: What You Need to Know
Ransomware continues to escalate in scale and complexity, with attackers leveraging AI, remote work gaps, and third-party exposures to increase pressure on organisations. Boards are being urged to actively engage in cyber resilience planning, ensuring foundational controls such as multi-factor authentication, immutable backups, and incident response protocols are in place. Emphasis is also placed on testing recovery capabilities, reviewing cyber insurance terms, and rehearsing decision-making through tabletop exercises. Crucially, boards must prepare for the strategic, legal and reputational implications of whether to pay a ransom, with pre-agreed decision frameworks now seen as essential for effective crisis response.
73% of CISOs Admit Security Incidents Due to Unknown or Unmanaged Assets
Nearly three-quarters of cyber security leaders admit to experiencing security incidents due to unknown or unmanaged assets within their IT environments. Despite 90% acknowledging that attack surface management directly affects business risk, fewer than half of organisations have dedicated tools in place, and 58% lack continuous monitoring. The consequences of inaction are wide-ranging, with leaders citing risks to business continuity, customer trust, financial performance, and supplier relationships. As digital infrastructures grow more complex, firms are being urged to treat cyber risk management as a strategic priority rather than a technical afterthought.
AI Is Making Phishing Emails Far More Convincing with Fewer Typos and Better Formatting: Here’s How to Stay Safe
AI is transforming phishing into a more dangerous and convincing threat. New analysis shows that email-based scams have risen by 70% year-on-year, with one malicious message detected every 42 seconds. These attacks now feature flawless grammar, professional formatting, and realistic sender details, often impersonating senior executives. Traditional email filters are struggling, particularly against polymorphic attacks that constantly change to evade detection. Over 40% of malware in these campaigns is newly observed, including remote access tools. With generative AI accelerating this trend, organisations must shift from legacy defences to behaviour-based threat detection and strengthen verification procedures across the organisation.
Ransomware Enters ‘Post-Trust Ecosystem’
Ransomware threats have entered a new, more fragmented era, where traditional trust between cyber criminals has broken down following major law enforcement operations. High-profile takedowns in 2024 disrupted dominant ransomware groups, leading to reduced ransom payments and a shift away from large, centralised platforms. The result is a more unpredictable threat landscape, marked by agile, peer-to-peer groups and an increase in encryption-less extortion. This decentralisation, alongside the rise of ransomware ‘cartels’, signals an evolution in attacker tactics that is lowering entry barriers and complicating defensive strategies for organisations of all sizes.
Sim-Swap Fraud Rises by 1,000%: Why You Should Use App-Based, not SMS-Based, Two-Factor Authentication
Sim-swap fraud in the UK has surged by over 1,000%, with nearly 3,000 cases reported in 2024, up from just 289 the previous year. Criminals exploit mobile phone providers to hijack victims' numbers, bypassing SMS-based two-factor authentication and gaining access to personal accounts. Older consumers and sectors like retail and telecoms are particularly vulnerable. The rise of eSims is expected to further increase risk. In one case, a victim lost £50,000 while abroad after fraudsters took control of his accounts. Organisations are urged to strengthen identity verification processes and encourage customers to use app-based authentication methods where possible.
Cyber Threats Outpace Global Readiness
The World Economic Forum has found that cyber threats are accelerating faster than many nations and organisations can respond, with 72% of businesses reporting an increasingly risky environment. Nearly 60% have already revised their cyber security strategies in response to global tensions and emerging threats. Despite progress in areas like infrastructure protection and public-private collaboration, most national approaches remain underdeveloped, especially in supporting small businesses and defining measurable outcomes. Just 14% of organisations feel fully prepared, highlighting a growing skills gap and the need for cyber security to be treated not only as risk mitigation but as a driver of trust and innovation.
CISOs Must Speak Business to Earn Executive Trust
Many business leaders still view cyber security as a barrier to speed and innovation, rather than a business enabler. There’s an argument that this perception must shift, with CISOs framing their role in terms of operational efficiency, resilience, and growth. By automating security controls and embedding them within business functions, CISOs can eliminate bottlenecks while reducing risk. Influence grows when security is expressed in business terms, highlighting revenue protection, risk-adjusted innovation, and customer trust. Effective CISOs use clear data, visual storytelling, and scenario-based dialogue to demonstrate value, helping boards see cyber security as a strategic partner rather than a cost centre.
Downing St Updating Secret Contingencies for Russia Cyber Attack, Report Claims
The UK government is reportedly updating its national defence strategy to reflect the rising threat of state-backed cyber attacks, particularly from Russia. The revised plans will, for the first time, include specific scenarios involving cyber attacks on critical infrastructure such as power grids, gas terminals and undersea cables. The existing contingency plan, last updated in 2005, is considered outdated given today’s cyber threat landscape. A recent risk assessment warned that such attacks could cause civilian casualties and severe disruption to essential services. Ministers are now preparing strategies for maintaining government operations during wartime or major national emergencies.
Sources:
https://www.wired.com/story/north-korean-it-worker-scams-exposed/
https://www.bbc.co.uk/news/articles/cwy382w9eglo
https://corpgov.law.harvard.edu/2025/05/10/ransomware-and-the-boards-role-what-you-need-to-know/
https://www.csoonline.com/article/3980431/more-assets-more-attack-surface-more-risk.html
https://www.infosecurity-magazine.com/news/ransomware-enters-posttrust/
https://www.scworld.com/brief/report-cyber-threats-outpace-global-readiness
Governance, Risk and Compliance
A third of enterprises have been breached despite increased cyber security investment | TechRadar
Why Every CISO Should Be Gunning For A Seat At The Board Table
The CIO Role Is Expanding -- And So Are the Risks of Getting It Wrong
Fostering Resilience in Cybersecurity: Prevent Burnout and Enhance Sec Ops | MSSP Alert
Ransomware and the Board’s Role: What You Need to Know
Report: Cyber threats outpace global readiness | SC Media
CISOs must speak business to earn executive trust - Help Net Security
Cyber cover needs to be a board conversation business chiefs warned
What is business resilience? | Definition from TechTarget
How to Successfully Evaluate IT Project Risk
Tackling threats and managing budgets in an age of AI - Tech Monitor
CIOs paying too much for not enough IT security - survey - TechCentral.ie
Infosec Layoffs Aren't the Bargain Boards May Think
Building Effective Security Programs Requires Strategy, Patience, and Clear Vision
Threats
Ransomware, Extortion and Destructive Attacks
Ransomware Enters ‘Post-Trust Ecosystem,’ NCA Cyber Expert Says - Infosecurity Magazine
UK retailers face 10% rises in premiums after cyber attacks
Ransomware and the Board’s Role: What You Need to Know
The ransomware landscape in 2025 | Kaspersky official blog
Artificial Intelligence Fuels New Wave of Complex Cyber Attacks Challenging Defenders
Companies take an average of four months to report a ransomware attack
Data Exfiltration is the New Ransomware in Evolving Cyber Landscape
How Interlock Ransomware Affects the Defense Industrial Base Supply Chain
Ransomware spreads faster, not smarter - Help Net Security
Ransomware attacks up over 120 percent in two years
BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan
"Endemic" Ransomware Prompts NHS to Demand Supplier Action - Infosecurity Magazine
Threat hunting case study: Medusa ransomware | Intel 471
You think ransomware is bad? Wait until it infects CPUs • The Register
Beware — These Ransomware Hackers Are Watching You Work
Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency
Ransomware Victims
Marks and Spencer could face 12% drop in profits after cyber attacks
M&S to make £100m cyber claim from Allianz and Beazley
UK retailers face 10% rises in premiums after cyber attacks
M&S Admit Customer Data Stolen in Cyber Incident | SC Media UK
What we know about DragonForce ransomware • The Register
M&S cyber attack: How sim-swap fraudsters exploit trust to steal data | The Independent
'They yanked their own plug': How Co-op averted an even worse cyber attack - BBC News
How Interlock Ransomware Affects the Defense Industrial Base Supply Chain
Coinbase Rejects $20M Ransom After Rogue Contractors Bribed to Leak Customer Data - SecurityWeek
Coinbase Targeted In $20 Million Extortion Plot Tied To Insider Data Leak - FinanceFeeds
Largest US steel manufacturer puts production on the backburner after cyber attack | TechRadar
Nova Scotia Power discloses data breach after March security incident
Security Firm Andy Frain Says 100,000 People Impacted by Ransomware Attack - SecurityWeek
Almost Half of Healthcare Breaches Involved Microsoft 365 | Security Magazine
Phishing & Email Based Attacks
New Phishing Attack Abusing Blob URLs to Bypass SEGs and Evade Analysis
Artificial Intelligence Fuels New Wave of Complex Cyber Attacks Challenging Defenders
Focused Phishing: Attack Targets Victims With Trusted Sites and Live Validation
This Microsoft 365 phishing campaign can bypass MFA - here's what we know | TechRadar
Email trap exposes 49K stockbroker customer records | Cybernews
Edinburgh schools targeted in cyber attack as pupils passwords reset - Edinburgh Live
Business Email Compromise (BEC)/Email Account Compromise (EAC)
Despite drop in cyber claims, BEC keeps going strong - Help Net Security
Other Social Engineering
North Korea’s ‘state-run syndicate’ looks at cyber operations as a survival mechanism | CyberScoop
North Korean IT Workers Are Being Exposed on a Massive Scale | WIRED
‘Hello pervert’: the sextortion scam claiming to have videoed you | Money | The Guardian
Hackers now testing ClickFix attacks against Linux targets
88% of Executives Had Home Floor Plans Available Online | Security Magazine
Fraud, Scams and Financial Crime
North Korea’s ‘state-run syndicate’ looks at cyber operations as a survival mechanism | CyberScoop
North Korean IT Workers Are Being Exposed on a Massive Scale | WIRED
Fraud Losses Hit $11m Per Company as Customers Abuse Soars - Infosecurity Magazine
M&S cyber attack: How sim-swap fraudsters exploit trust to steal data | The Independent
4 times data breaches ramped up the UK's fraud risk - Which?
European Police Bust €3m Investment Fraud Ring - Infosecurity Magazine
‘Hello pervert’: the sextortion scam claiming to have videoed you | Money | The Guardian
Deepfake voices of senior US officials used in scams: FBI • The Register
Deepfake attacks could cost you more than money - Help Net Security
International Crime Rings Defraud US Gov't Out of Billions
Artificial Intelligence
Artificial Intelligence Fuels New Wave of Complex Cyber Attacks Challenging Defenders
Cisco: Majority of Businesses Unprepared for AI Cyberattacks
NCSC sounds warning over AI threat to critical national infrastructure | UKAuthority
In the AI age, excessive data accumulation is a cyber security threat - Nikkei Asia
Can Cyber Security Keep Up With the AI Arms Race?
AI-Powered DDoS Attacks Are Changing the Threat Landscape | IT Pro
Deepfake voices of senior US officials used in scams: FBI • The Register
Deepfake attacks could cost you more than money - Help Net Security
Why security teams cannot rely solely on AI guardrails - Help Net Security
Over Three Thousand macOS Cursor Users Compromised
Deepfake Defense in the Age of AI
AI vs AI: How cyber security pros can use criminals’ tools against them - Help Net Security
FTC wants a new, segregated software system to police deepfake porn | CyberScoop
Tackling threats and managing budgets in an age of AI - Tech Monitor
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures
noyb sends Meta C&D demanding no EU user data AI training • The Register
How To Remove Meta AI From All Your WhatsApp Chats
2FA/MFA
This Microsoft 365 phishing campaign can bypass MFA - here's what we know | TechRadar
Malware
Malware landscape dominated by FakeUpdates | SC Media
Over Three Thousand macOS Cursor Users Compromised
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures
Bots/Botnets
7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. - Dutch Operation
Police dismantles botnet selling hacked routers as residential proxies
Mobile
M&S cyber attack: How sim-swap fraudsters exploit trust to steal data | The Independent
Denial of Service/DoS/DDoS
AI-Powered DDoS Attacks Are Changing the Threat Landscape | IT Pro
A cyber attack briefly disrupted South African Airways operations
Internet of Things – IoT
UK report uncovers serious security flaws in business IoT devices
Data Breaches/Leaks
Company and Personal Data Compromised in Recent Insight Partners Hack - SecurityWeek
Insight Partners fears secret financial info cyber-stolen • The Register
4 times data breaches ramped up the UK's fraud risk - Which?
Nova Scotia Power discloses data breach after March security incident
Ascension reveals personal data of 437,329 patients exposed in cyberattack
Almost Half of Healthcare Breaches Involved Microsoft 365 | Security Magazine
Email trap exposes 49K stockbroker customer records | Cybernews
Fashion giant Dior discloses cyberattack, warns of data breach
Australian Human Rights Commission Discloses Data Breach - SecurityWeek
160,000 Impacted by Valsoft Data Breach - SecurityWeek
Organised Crime & Criminal Actors
How Security Has Changed the Hacker Marketplace
NatWest facing 100 million cyber attacks each month as experts reveal ‘staggering’ scale... - LBC
Kosovo authorities extradited admin of the cybercrime marketplace BlackDB.cc
Andrei Tarasov: Inside the Journey of a Russian Hacker on the FBI’s Most Wanted List - SecurityWeek
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data
Coinbase data breach exposes customer info and government IDs
Coinbase Rejects $20M Ransom After Rogue Contractors Bribed to Leak Customer Data - SecurityWeek
Telegram shuts ‘largest darknet marketplace to have ever existed’
Insider Risk and Insider Threats
North Korea’s ‘state-run syndicate’ looks at cyber operations as a survival mechanism | CyberScoop
North Korean IT Workers Are Being Exposed on a Massive Scale | WIRED
Layoffs pose a cybersecurity risk: Here's why offboarding matters - Help Net Security
Insider risk management needs a human strategy - Help Net Security
How working in a stressful environment affects cybersecurity - Help Net Security
Insurance
M&S to make £100m cyber claim from Allianz and Beazley
UK retailers face 10% rises in premiums after cyber attacks
Despite drop in cyber claims, BEC keeps going strong - Help Net Security
Cyber cover needs to be a board conversation business chiefs warned
Supply Chain and Third Parties
How Interlock Ransomware Affects the Defense Industrial Base Supply Chain
"Endemic" Ransomware Prompts NHS to Demand Supplier Action - Infosecurity Magazine
Cloud/SaaS
Microsoft Listens to Security Concerns and Delays New OneDrive Sync - Security Boulevard
Microsoft Teams will soon block screen capture during meetings
Almost Half of Healthcare Breaches Involved Microsoft 365 | Security Magazine
Identity and Access Management
The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That
Linux and Open Source
New Linux Vulnerabilities Surge 967% in a Year - Infosecurity Magazine
Hackers now testing ClickFix attacks against Linux targets
Passwords, Credential Stuffing & Brute Force Attacks
The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That
Social Media
Well, Well, Well: Meta to Add Facial Recognition To Glasses After All
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures
noyb sends Meta C&D demanding no EU user data AI training • The Register
Regulations, Fines and Legislation
Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection
Why we must reform the Computer Misuse Act: A cyber pro speaks out | Computer Weekly
EU extends cyber sanctions regime amid rising digital threats - EU Reporter
UK Government Publishes New Software and Cyber Security Codes of Practice
NCSC assures CISA relationship unchanged post-Trump • The Register
DHS won’t tell Congress how many people it’s cut from CISA | CyberScoop
10 Reasons Why America Needs a Cyber Force
New cyber security law updates may be on the way
President Trump's Qatari 747 is a flying security disaster • The Register
CISA Reverses Decision on Cyber Security Advisory Changes - Infosecurity Magazine
Update to How CISA Shares Cyber-Related Alerts and Notifications | CISA
US Army Deactivates Only Active-Duty Information Operations Command
What Does EU's Bug Database Mean for Vulnerability Tracking?
CVE funding crisis offers chance for vulnerability remediation rethink | CSO Online
Models, Frameworks and Standards
UN Launches New Cyber-Attack Assessment Framework - Infosecurity Magazine
UK Government Publishes New Software and Cyber Security Codes of Practice
New Cyber Security Certification for Defence Announced
NCSC and industry at odds over how to tackle shoddy software • The Register
Data Protection
noyb sends Meta C&D demanding no EU user data AI training • The Register
Careers, Working in Cyber and Information Security
Most businesses can't fill cyber roles leaving huge gaps in defense | TechRadar
Cyber Forensic Expert in 2,000+ Cases Faces FBI Probe – Krebs on Security
EU Launches Free Entry-Level Cyber Training Program - Infosecurity Magazine
Infosec Layoffs Aren't the Bargain Boards May Think
Law Enforcement Action and Take Downs
Police dismantles botnet selling hacked routers as residential proxies
Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data
European Police Bust €3m Investment Fraud Ring - Infosecurity Magazine
Kosovo authorities extradited admin of the cybercrime marketplace BlackDB.cc
Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Locked Shields 2025 Showcased Nations' Commitment to Defending Cyberspace
Nation State Actors
CyberUK 2025: Resilience and APT Threats Loom Large
China
Chinese hackers behind attacks targeting SAP NetWeaver servers
Can Cybersecurity Keep Up With the AI Arms Race?
Locked Shields 2025 Showcased Nations' Commitment to Defending Cyberspace
‘Rogue’ devices found in Chinese solar inverters - PV Tech
Ghost in the machine? Rogue communication devices found in Chinese inverters | Reuters
Russia
Downing St updating secret contingencies for Russia cyberattack, report claims – PublicTechnology
Fancy Bear campaign sought emails of high-level Ukrainians and their military suppliers | CyberScoop
Andrei Tarasov: Inside the Journey of a Russian Hacker on the FBI’s Most Wanted List - SecurityWeek
North Korea
North Korea’s ‘state-run syndicate’ looks at cyber operations as a survival mechanism | CyberScoop
North Korean IT Workers Are Being Exposed on a Massive Scale | WIRED
North Korea ramps up cyberspying in Ukraine to assess war risk
Tools and Controls
CyberUK 2025: Resilience and APT Threats Loom Large
Majority of Browser Extensions Pose Critical Security Risk, A New Report Reveals
DMARC’s Future: Ignoring Email Authentication is No Longer an Option - Security Boulevard
73% of CISOs admit security incidents due to unknown or unmanaged assets | CSO Online
Layoffs pose a cybersecurity risk: Here's why offboarding matters - Help Net Security
The browser blind spot: Hidden security risks behind employee web activity - Digital Journal
UK Government Publishes New Software and Cyber Security Codes of Practice
When the Perimeter Fails: Microsegmentation as the Last Line of Defense - Security Boulevard
Cyber cover needs to be a board conversation business chiefs warned
CIOs paying too much for not enough IT security - survey - TechCentral.ie
New UK Security Guidelines Aims to Reshape Software Development
NCSC and industry at odds over how to tackle shoddy software • The Register
Locked Shields 2025 Showcased Nations' Commitment to Defending Cyberspace
Government webmail hacked via XSS bugs in global spy campaign
88% of Executives Had Home Floor Plans Available Online | Security Magazine
Why Red Teaming belongs on the C-suite agenda | TechRadar
Pen Testing for Compliance Only? It's Time to Change Your Approach
Tackling threats and managing budgets in an age of AI - Tech Monitor
Building Effective Security Programs Requires Strategy, Patience, and Clear Vision
Other News
A third of enterprises have been breached despite increased cybersecurity investment | TechRadar
Unsophisticated Hackers A Critical Threat, US Government Warns
Will cyber criminals come for accountants next? | AccountingWEB
Critical Infrastructure Siege: OT Security Still Lags
UK report uncovers serious security flaws in business IoT devices
Italy’s G7 drive for unified cyber resilience - Decode39
UK Government cyber 'battlements are crumbling' | Professional Security Magazine
Bluetooth 6.1 released, enhances privacy and power efficiency - Help Net Security
Spain to vet power plants’ cyber security for ‘great blackout’ cause | CSO Online
Departments have underestimated threat posed by cyber attacks, MPs warn
TikTok vs defence: Europe faces a reckoning over the allocation of energy
EU power grid needs trillion-dollar upgrade to avert Spain-style blackouts | Reuters
Students to be offered cyber crime protection training | The Herald
The Vatican’s cyber crusaders – POLITICO
Southwest Airlines CISO on tackling cyber risks in the aviation industry - Help Net Security
Vulnerability Management
SonicWall customers confront resurgence of actively exploited vulnerabilities | CyberScoop
Beyond Vulnerability Management – Can You CVE What I CVE?
Your old router could be a security threat - here's why and what to do | ZDNET
ISO - Configuration management: Why it’s so important for IT security
Malware landscape dominated by FakeUpdates | SC Media
DHS won’t tell Congress how many people it’s cut from CISA | CyberScoop
CISA Reverses Decision on Cybersecurity Advisory Changes - Infosecurity Magazine
EU launches own vulnerability database in wake of CVE funding issues | Cybernews
Why CVSS is failing us and what we can do about it • The Register
New Linux Vulnerabilities Surge 967% in a Year - Infosecurity Magazine
CVE funding crisis offers chance for vulnerability remediation rethink | CSO Online
EU bug database fully operational as US slashes infosec • The Register
CVE funding crisis offers chance for vulnerability remediation rethink | CSO Online
Vulnerabilities
Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server
SonicWall Under Pressure as Security Flaws Resurface | MSSP Alert
Your old router could be a security threat - here's why and what to do | ZDNET
Adobe Patches Big Batch of Critical-Severity Software Flaws - SecurityWeek
Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems
Critical Vulnerabilities in Mitel SIP Phones Let Attackers Inject Malicious Commands
Apple Patches Major Security Flaws in iOS, macOS Platforms - SecurityWeek
Compromised SAP NetWeaver instances are ushering in opportunistic threat actors - Help Net Security
Broadcom urges patching VMware Tools vulnerability | Cybernews
Ivanti warns of critical Neurons for ITSM auth bypass flaw
Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers - SecurityWeek
BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan
New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy
New Linux Vulnerabilities Surge 967% in a Year - Infosecurity Magazine
SAP cyberattack widens, drawing Salt Typhoon and Volt Typhoon comparisons | CyberScoop
Critical SAP NetWeaver Vuln Faces Barrage of Cyber Attacks
SAP patches second zero-day flaw exploited in recent attacks
Commvault Command Center patch incomplete: researcher • The Register
Chipmaker Patch Tuesday: Intel, AMD, Arm Respond to New CPU Attacks - SecurityWeek
CISA Warns of TeleMessage Vuln Despite Low CVSS Score
Flaw in Asus DriverHub makes utility vulnerable to remote code execution | Tom's Hardware
Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.