News
Page updated: 13 June 2026
This page consists of a “One Stop” for freely available information to help in your threat and vulnerability management tasks.
NCSC: Threat Reports
- Impact of AI on cyber threat from now to 2027
- A method to assess 'forgivable' vs 'unforgivable' vulnerabilities
- The near-term impact of AI on the cyber threat
- The near-term impact of AI on the cyber threat
- Cyber Threat Report: UK Legal Sector
- The threat from commercial cyber proliferation
- ACD - The Sixth Year
- Threat Report 24th March 2023
- Threat Report 10th March 2023
- Threat Report 24th February 2023
- Threat Report 10th February 2023
- Threat Report 27th January 2023
- Threat Report 13th January 2023
- Threat Report 22nd December 2022
- Threat Report 9th December 2022
Tenable: Cyber Exposure Alerts
- Microsoft’s June 2026 Patch Tuesday Addresses 198 CVEs ( CVE-2026-49160, CVE-2026-50507)
- Oracle May 2026 Critical Security Patch Update Addresses 35 CVEs
- Mini Shai-Hulud: Frequently asked questions about the TeamPCP npm and PyPI supply chain campaign
- CVE-2026-9082: Highly Critical SQL Injection Vulnerability in Drupal Core (SA-CORE-2026-004)
- Key findings from the Verizon DBIR 2026: Slower vulnerability remediation meets faster exploitation
- Frequently asked questions about the continued exploitation of Cisco Catalyst SD-WAN vulnerabilities (CVE-2026-20182)
- Fragnesia (CVE-2026-46300): Frequently asked questions about new Linux Kernel XFRM ESP-in-TCP privilege escalation
- Microsoft’s May 2026 Patch Tuesday Addresses 118 CVEs (CVE-2026-41103)
- Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain
- Copy Fail (CVE-2026-31431): Frequently asked questions about Linux kernel privilege escalation vulnerability
- Oracle April 2026 Critical Patch Update Addresses 241 CVEs
- Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201)
- What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure
- CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild
- The developer credential economy: Why exposure data is the new front line in the supply chain war
CISA: Cyber Threat Intelligence
- Defending Against China-Nexus Covert Networks of Compromised Devices
- Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
- Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure
- CISA Shares Lessons Learned from an Incident Response Engagement
- CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization
- #StopRansomware: Interlock
- Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider
- Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations
- Russian GRU Targeting Western Logistics Entities and Technology Companies
- Fast Flux: A National Security Threat
- #StopRansomware: Medusa Ransomware
- #StopRansomware: Ghost (Cring) Ransomware
- Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
- 2023 Top Routinely Exploited Vulnerabilities
- Microsoft Releases October 2024 Security Updates
Our Services that can directly help, benefit, your organisation with mitigating the issues presented above
Cyber Risk Management
