News
Page updated: 21 April 2026
This page consists of a “One Stop” for freely available information to help in your threat and vulnerability management tasks.
NCSC: Threat Reports
- Impact of AI on cyber threat from now to 2027
- A method to assess 'forgivable' vs 'unforgivable' vulnerabilities
- The near-term impact of AI on the cyber threat
- The near-term impact of AI on the cyber threat
- Cyber Threat Report: UK Legal Sector
- The threat from commercial cyber proliferation
- ACD - The Sixth Year
- Threat Report 24th March 2023
- Threat Report 10th March 2023
- Threat Report 24th February 2023
- Threat Report 10th February 2023
- Threat Report 27th January 2023
- Threat Report 13th January 2023
- Threat Report 22nd December 2022
- Threat Report 9th December 2022
Tenable: Cyber Exposure Alerts
- Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201)
- What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure
- CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild
- The developer credential economy: Why exposure data is the new front line in the supply chain war
- Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069
- CVE-2026-21992: Critical Out-of-Band Oracle Identity Manager and Oracle Web Services Manager Remote Code Execution Vulnerability
- FAQ on CVE-2026-21514: OLE bypass N-Day in Microsoft Word
- Operation Epic Fury: Why exposure data changes everything about Iran's cyber-kinetic campaign
- Cyber Retaliation: Analyzing Iranian Cyber Activity Following Operation Epic Fury
- Microsoft’s March 2026 Patch Tuesday Addresses 83 CVEs (CVE-2026-21262, CVE-2026-26127)
- Operation Epic Fury: Potential Iranian Cyber Counteroffensive Operations
- CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the Wild
- Microsoft’s February 2026 Patch Tuesday Addresses 54 CVEs (CVE-2026-21510, CVE-2026-21513)
- Microsoft’s February 2026 Patch Tuesday Addresses 54 CVEs (CVE-2026-21510, CVE-2026-21513)
- Frequently Asked Questions About Notepad++ Supply Chain Compromise
CISA: Cyber Threat Intelligence
- Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
- Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure
- CISA Shares Lessons Learned from an Incident Response Engagement
- CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization
- #StopRansomware: Interlock
- Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider
- Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations
- Russian GRU Targeting Western Logistics Entities and Technology Companies
- Fast Flux: A National Security Threat
- #StopRansomware: Medusa Ransomware
- #StopRansomware: Ghost (Cring) Ransomware
- Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
- 2023 Top Routinely Exploited Vulnerabilities
- Microsoft Releases October 2024 Security Updates
- Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations
Our Services that can directly help, benefit, your organisation with mitigating the issues presented above
Cyber Risk Management
