Speed-focused compliance programs could help businesses get cybersecurity certifications quicker, but security professionals are skeptical if the speed comes at the expense of actual business resilience. This is according to new research from resilience specialists IO, which claims that 87% of senior cybersecurity managers in the UK believe the speed at which certification is achieved […]
Employee onboarding is a busy time for IT teams. New starters need devices, accounts, access permissions, and passwords, all delivered within a tight timeframe. That usually means sharing a temporary “first-day” password so employees can access systems for the first time. The issue is that these passwords don’t always stay temporary. They may be sent […]
The Cyber Resilience Act1 (“CRA”) is the first EU-wide regulation mandating minimum cybersecurity standards for all connected products sold on the internal market. It makes cybersecurity a mandatory product feature, requiring manufacturers to implement “security by design” and maintain robust update and vulnerability management processes throughout a product’s lifecycle. In this article, we outline the most […]
Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of the most “systemically” important software across the world since the cybersecurity initiative went live last month. Project Glasswing is a defensive effort launched by the artificial intelligence (AI) company to secure critical global software infrastructure. […]
A malicious Hugging Face repository managed to take a spot in the platform’s trending list by impersonating OpenAI’s Privacy Filter open-weight model to deliver a Rust-based information stealer to Windows users. The project, named Open-OSS/privacy-filter, masqueraded as its legitimate counterpart, released by OpenAI late last month (openai/privacy-filter), including copying the entire description verbatim to trick unsuspecting […]
Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas, were accused of deploying the ransomware against multiple victims located throughout the U.S. between April and December 2023. The two defendants, who pleaded guilty to their crimes in December 2025, conspired with Angelo Martino, 41, of Florida, to conduct the attacks. “The three men agreed […]
PhantomRPC, a newly identified architectural vulnerability in Windows Remote Procedure Call (RPC) that enables local privilege escalation to SYSTEM-level access, potentially affecting every version of Windows. The research was presented by Kaspersky application security specialist Haidar Kabibo at Black Hat Asia 2026 on April 24 and details five distinct exploitation paths, none of which have […]
In recent weeks, the AI world has been a-buzz following claims made by leading firm, Anthropic, regarding its new model, Claude Mythos. The company says it found the tool can outperform humans at some hacking and cyber-security tasks, which has prompted discussions by regulators, legislators and financial institutions about the dangers it could pose to […]
In June 2024, a cyber-attack on a pathology services company caused chaos across London’s hospitals. More than 10,000 appointments were cancelled. Blood shortages followed and delays to blood tests led to a patient’s death. Lethal cyber-attacks like this are thankfully rare. But a new AI release could change that – plunging us into a terrifying new […]
Artificial intelligence (AI) is moving rapidly from experimentation into the operational core of the economy. Systems that once analyzed information are now guiding decisions, executing tasks and interacting with other digital systems with minimal human oversight. This shift is transforming not only how businesses operate but also how they must think about security, governance and risk. A new national […]