The Gentlemen ransomware gang ships an EDR killer framework to every affiliate, targeting 48 security products before encryption begins. Here are three practical checks every IT team should make this …
News
-
The FortiBleed Fortinet VPN breach compromised 74,000 firewalls, many running current firmware. The real failures were exposed management interfaces, legacy password hashing, and no MFA. Here is the harder lesson.
-
Three-quarters of UK critical infrastructure incidents last year were state-sponsored. Here is what the NCSC recommends and why most businesses are in the threat picture.
-
Three critical Fortinet FortiSandbox vulnerabilities are being actively exploited. Here is what your team needs to check, patch and verify before attackers get there first.
-
A now-patched Microsoft Copilot vulnerability let attackers steal emails, MFA codes and files with one click. The fix is in, but the underlying dynamic: AI tools with sweeping access inside …
-
A CDN-level supply chain attack backdoored over 1.2 million WordPress sites via OptinMonster, TrustPulse and PushEngage. Here is exactly what to check and how to clean up.
-
MIT’s Fractal OS found three previously unknown security behaviours in the Apple M1, including the first confirmed Phantom speculation on Apple Silicon. The findings say less about how dangerous the …
-
The Gentlemen ransomware group has claimed 478 victims — including a UK business used to breach a client — by exploiting unpatched VPN appliances and spending weeks inside networks before …
-
ShinyHunters exploited CVE-2026-35273 for nearly two weeks before Oracle published any advisory. The flaw is serious — but the disclosure gap is the structural failure that put 100 organisations at …
-
Velvet Ant’s decade inside a target network reveals a gap that affects most security programmes: the tools used to report security health are not designed to detect a Linux PAM …