Ian Barker

Google has released information on a new AI-powered agent that automatically improves code security by fixing critical software vulnerabilities.

CodeMender has been built over the past six months and the company has already upstreamed 72 security fixes to open source projects, including some as large as 4.5 million lines of code.

Continue reading →

The Scattered Spider group seems to have switched from high-profile attacks on UK retailers to new campaigns targeting the insurance sector. The group has recently been linked to ransomware incidents affecting US-based Philadelphia Insurance and Erie Insurance, which operates in both the UK and the US.

We spoke to Danny Howett, technical director at global cybersecurity consultancy CyXcel, to discuss why insurance is such an attractive target and some practical steps insurers can take to shore up their defences against increasingly organised cybercriminals.

Continue reading →

October is Cybersecurity Awareness Month designed to raise awareness of the ways people can protect themselves online. To mark this ESET has launched a free Cybersecurity Awareness Kit.

This includes a new and improved version of its free ESET Basic Cybersecurity Awareness Training along with access to ESET’s 2025 H1 Threat Report, and a free 30-day business trial of ESET’s full-featured security solution.

Continue reading →

Modern enterprises are more than ever reliant on data. But that makes understanding how that data is generated, transmitted, changed and used over time -- its lineage, vitally important.

We spoke to Saurabh Gupta, chief of strategy, revenue and growth at The Modern Data Company, to discuss how proactive, context-rich systems of record enable organizations to accelerate, maintain trust, and strategically utilize data.

Continue reading →

Virtual Private Networks (VPNs) are trusted by millions to protect privacy, secure communications, and enable remote access on their mobile device. But what if the apps designed to safeguard your data are not secure?

Analysis by Zimperium zLabs of 800 free VPN apps for both Android and iOS reveals that the threat is real and widespread.

Continue reading →

A new study of 500 US IT and cybersecurity staff reveals that 84 percent report feeling uncomfortable levels of stress at work due to IT security risks, while 78 percent fear they will be personally blamed for security incidents.

The report from Object First exposes a gap in how organizations support their IT staff, highlighting the opportunity to provide mental health resources and less complex security technology to help reduce stress as cyber threats continue to rise.

Continue reading →

A new report from Illumio, based on a survey of over 1,100 IT and cybersecurity decision makers, finds that almost 90 percent of leaders have detected a security incident involving lateral movement within the past 12 months.

Each incident involving lateral movement resulted in a global average of over seven hours of downtime. Alert fatigue, along with limited and fragmented visibility, especially across hybrid environments, are two of the top challenges to detecting lateral movement.

Continue reading →

A new survey of more than 1,400 education leaders across primary, secondary and higher education in the UK and US finds that while AI is already integrated into classrooms and faculty work, development of policies and protections needed to manage new risks in schools is lagging.

The study from Keeper Security shows 41 percent of schools have experienced AI-related cyber incidents, including phishing campaigns and misinformation, while nearly 30 percent reported instances of harmful AI content, such as deepfakes created by students.

Continue reading →

The rapid adoption of artificial intelligence (AI) is transforming both attack and defense according to a report released today by crowdsourced security platform HackerOne.

It finds that organizations have expanded their AI program adoption by 270 percent this year, while HackerOne’s platform reported a 540 percent surge in prompt injection vulnerabilities to make them the fastest-growing threat in AI security.

Continue reading →

A new report from Ping Identity finds that 68 percent of consumers are now using AI, up from 41 percent a year ago. But at the same time fewer than one in five (17 percent) say they have ‘full trust’ in the organizations that manage their identity data.

The findings of the study, carried out by Talker Research which interviewed 10,500 consumers across 11 countries, show that 75 percent say they are more concerned about personal data security than five years ago. In addition 39 percent cite AI-driven phishing as the modern scam that concerns them most.

Continue reading →

As White House Executive Orders, NIST mandates, and international deadlines accelerate the push toward post-quantum encryption, the clock is ticking for organizations still grappling with cryptographic debt.

We spoke to Dave Krauthamer, co-founder and field CTO at QuSecure, to learn more about emerging threats, compliance mandates, and mitigation frameworks for organizations looking to get ahead of the coming disruption.

Continue reading →

A new report shows that poor digital employee experience (DEX) directly costs global businesses an average of 470,000 hours per year in lost productivity, equivalent to around 226 full-time employees.

The study from Nexthink, based on analysis of data from more than 20m endpoints across 474 global businesses, finds the average employee suffers 14 negative digital experiences a week. These include device crashes, application glitches, or slow load times, and can reduce productivity and collaboration while also increasing employee frustration and stress.

Continue reading →

While businesses continue to depend on email for mission-critical communication, a new report issued by email signature management specialist Exclaimer reveals they're struggling to secure and govern this most essential channel.

The survey of over 4,000 global IT leaders, including 1,000 in the US, and exposes a critical gap: while 86 percent of US IT leaders say more than half of their business communication flows through email, the infrastructure supporting it hasn't kept pace with modern security and governance demands.

Continue reading →

A new survey reveals that 44 percent of all participants admit to having interacted with a phishing message in the last year. Gen Z stands out as the most susceptible demographic, with 62 percent reporting engagement with a phishing scam in the past year, significantly higher than other age groups.

Commissioned by Yubico and conducted by Talker Research, the survey gathered insights from 18,000 employed adults across nine countries including Australia, France, Germany, India, Japan, Singapore, Sweden, the UK and the US. It explored individuals’ cybersecurity habits in both their workplace and personal lives.

Continue reading →

New research from NowSecure tested 50,000 mobile apps in August and finds over 77 percent contain common forms of PII.

It’s well known that the vast majority of mobile apps are built using third-party components like SDKs. The study finds that 98 percent of iOS apps have incomplete privacy manifests due to omissions relating to third-party components, violating Apple transparency requirements and creating major blind spots.

Continue reading →