46 articles
MFA bypass-as-a-service is now sophisticated enough to defeat most SMB defences. Vidar is back, rebuilt in Go, and harder to detect than ever.
Read more →
CISA confirmed active exploitation of a Microsoft Exchange vulnerability this week. UK small businesses running on-premise email need to act today.
Read more →
A days-old NGINX vulnerability is already being probed and exploited. Grafana's source code was stolen via a single access token. Two stories, one theme: patch windows are collapsing.
Read more →
NGINX powers roughly a third of the web. CVE-2026-42945 is being exploited right now. Here is what UK small businesses need to do before Friday.
Read more →
Three active threats converge today: an exploited Exchange zero-day, a surge in device code phishing targeting Microsoft 365, and a supply chain attack that caught OpenAI. All three have direct implications for UK SMBs.
Read more →
Three critical flaws landed overnight. WordPress sites, Microsoft Authenticator, and on-premises email are all in the frame. Here is the data, without the spin.
Read more →
Quantum computing could break encryption soon. UK SMBs must act now to secure data. Learn the steps to protect your business and gain a competitive edge.
Read more →
An initial access broker is using Microsoft Teams to own corporate networks in five minutes flat. A Linux kernel privilege escalation with working exploit code dropped today. Neither is theoretical.
Read more →
A wormable Windows Server flaw, a payment platform with a forgeable secret key, and 130 patches. Here is what matters to your business this week.
Read more →
A new ransomware operation with Qilin connections is accelerating. Supply chain attacks are poisoning developer tools and AI platforms. Here is what matters today.
Read more →
120 vulnerabilities. A critical Windows Netlogon flaw. A Windows DNS buffer overflow. This is not a drill. Here is what to do this week.
Read more →
Signed packages, a six-minute supply chain blitz, and ransomware using blockchain to hide its C2. Today's brief covers two threats that reach well beyond enterprise targets.
Read more →
AI is now writing zero-day exploits. Cloud infrastructure is being weaponised against your staff. And TrickMo just made its banking trojan significantly harder to detect.
Read more →
Attackers can own your WordPress store without a password. cPanel has fresh critical flaws. CISA just confirmed active exploitation of Ivanti. Three reasons to act today.
Read more →
APT28 is rewriting your router's DNS settings. Ivanti EPMM has a zero-day with active exploitation. And threat actors are abusing remote management tools to drop malware via phishing. Here is what UK SMBs need to know today.
Read more →
Attackers are inside Ivanti EPMM before patches existed. If your business manages mobile devices, this is not someone else's problem.
Read more →
A critical Palo Alto firewall flaw is being actively exploited with no patch yet available. If your MSP manages a PAN-OS device, ask them one question.
Read more →
State-sponsored actors had a month inside Palo Alto firewalls before the advisory came out. Storm-1175 is still moving. And your developers may have already run the poisoned package.
Read more →
A Palo Alto firewall zero-day is being actively exploited right now. And MuddyWater is using Microsoft Teams to walk through your front door. Both matter today.
Read more →
A fake Teams installer is dropping backdoors globally. A third-party analytics vendor handed ShinyHunters 119,000 email addresses. And UK romance fraud hit £102M last year. Three stories, one briefing.
Read more →
Three high-impact threats landed simultaneously on 4th May 2026. If your business uses MOVEit, runs Linux servers, or has developers using Python, read this now.
Read more →
CISA confirmed active exploitation of a Linux root access flaw this week. If your business runs Linux anywhere, including on a NAS or cloud VM, read this now.
Read more →
Unauthenticated attackers can upload malware or log in as your site admin right now. Two critical WordPress flaws. No patch excuses.
Read more →
44,000 hosting control panels confirmed compromised. A WordPress plugin is handing out admin access to anyone who asks. This week's threats are not theoretical.
Read more →
A supply chain attack on open-source security tooling and a Linux privilege escalation exploit with working code in the wild. Two threats. One uncomfortable Friday.
Read more →
A critical cPanel flaw is being actively exploited with ransomware already reported. TeamPCP is poisoning open-source security tools. The NCSC says a patch wave is coming. Today is not a quiet day.
Read more →
Public exploit code for a Linux root access flaw has defenders scrambling. If your business runs Linux anywhere, this is not a drill.
Read more →
A critical cPanel authentication bypass has been exploited since February. A new Linux root exploit dropped today. And 43% of UK businesses were compromised last year. Pick your priority.
Read more →
This week's threat brief covers a critical cPanel auth bypass requiring emergency patching, ClickFix phishing campaigns stealing credentials via PowerShell, and VECT ransomware that wipes files it cannot encrypt.
Read more →
Three active campaigns converge on UK small businesses this week: voice-driven extortion, poisoned developer packages, and OAuth phishing that bypasses MFA. Here is what they are not telling you.
Read more →
Nineteen critical flaws. One router model. All exploits published. If your office uses a Totolink A8000RU, you are already exposed.
Read more →
TeamPCP is back. Three concurrent package compromises in one week. Here is what UK businesses using Python or Node.js tooling need to do right now.
Read more →
Voice phishing plus credential harvesting. Malicious Python packages with 11 million monthly downloads. This is what active UK cyber threats look like today.
Read more →
CISA just added SimpleHelp remote support vulnerabilities to its actively-exploited list. If your IT provider uses it, attackers may already have a path in.
Read more →
A quiet day on the KEV and NVD feeds. Mauven explains why that is not the same as a safe day.
Read more →
61% of organisations were breached through their supply chain last year. Just 7% monitor beyond immediate suppliers. That is a structural failure, not bad luck.
Read more →
63% of UK SMBs faced cyber incidents in 2023. Learn how to prepare and protect your business assets effectively.
Read more →
Attackers are weaponising the same remote access tools your IT team uses. Sophos has the receipts. Here is what happened and what you need to do.
Read more →
Your cyber policy probably excludes losses from state-backed attacks. You may not have read that clause. If a nation-state campaign sweeps through your sector, it could void your cover entirely.
Read more →
Two working exploits in one week. One public, one confirmed in the wild. Neither fully patched. Here is what UK SMBs need to do right now.
Read more →
Scammers use virtual smartphones to deceive small businesses. Learn how to protect your business and prevent financial loss.
Read more →
AI-driven cyberattacks are here. Learn how to protect your UK small business from these sophisticated threats before it's too late.
Read more →
The TeamPCP campaign targets software supply chains. Learn how UK SMBs can protect themselves from these escalating threats.
Read more →
AI-driven threats are evolving fast. Is your business keeping up? Discover how to protect your enterprise from cutting-edge cybercriminal tactics.
Read more →
AiTM phishing is targeting small businesses. Discover how to protect your social media accounts from this new threat before it's too late!
Read more →
Law enforcement landed a hit on Tycoon2FA. Then Tycoon2FA got back up. That should tell you everything you need to know about identity attacks in 2026. If your plan begins and ends with MFA, you are still leaving the door open.
Read more →