Ian Barker

New research from internet service provider Beaming shows UK businesses were targeted more than 791,600 times last year and attackers are focused on systems that facilitate remote work and data storage, turning them into high-risk entry points.

Remote desktop and VPN services saw sustained, automated probing throughout 2025. These are the primary targets for ransomware groups who use stolen credentials to infiltrate and encrypt corporate networks to cause total business lockout.

A shortage of skilled developers is leading to many companies failing to meet their product roadmap targets, according to research from Full Scale.

As a result the software development lifecycle (SDLC) is undergoing a fundamental shift, that includes using artificial intelligence to cut out repetitive tasks and allow developers to concentrate on their core role.

New research from StrongestLayer highlights a fundamental shift in attacker behavior, where adversaries increasingly hide behind business-critical platforms such as DocuSign, Microsoft, and Google Calendar -- services organizations can’t block without disrupting operations.

The research analyzed analyzing 2,042 advanced email attacks that successfully bypassed Microsoft Defender E3/E5 and market-leading secure email gateways before being detected by StrongestLayer.

NordPass Authenticator is a feature that generates one-time passwords directly in a NordPass vault. It gives all the security of two-factor authentication without an extra app. However, until now it’s only been available to business users.

Today the company is also making Authenticator available for personal accounts. It uses time-based one-time password (TOTP) support which enables users to add an extra layer of security to their accounts with two-factor authentication, without the need to download or install additional applications.

AI is predicted to generate two-thirds of code by 2027, but 96 percent of developers do not trust that it’s functionally correct according to a new study from Sonar.

This lack of confidence means that developers are forced to spend more time on reviewing code. Developer work remains fixed at 10 hours per week, regardless of AI use, but there’s a significant shift to reviewing AI-generated code to ensure it is secure, reliable, and maintainable.

The financial services sector has now overtaken healthcare as the industry with the highest number of data compromises.

New research from Alta Technologies analyzed information from the Identity Theft Resource Center 2024 Data Breach Report to determine which industries experienced the highest number of data breaches in 2024. shows the industry, which includes jobs such as accountants, bankers, and financial analysts, experienced 737 data compromises throughout 2024. Since 2018, healthcare had previously been the most attacked industry.

AI-driven bot traffic has surged in the past year, often they scrape content to serve their operator’s needs only without sending new users or traffic to the targeted site. This is also creating an environment where automated abuse is a primary driver of fraud, infrastructure cost overruns, traffic volatility, and customer friction.

Real-time data platform company, Hydrolix, is launching a new Bot Insights solution that gives real-time visibility into every bot, crawler, and AI agent hitting a business.

In 2025, the number of known phishing-as-a-service (PhaaS) kits doubled in number, increasing the pressure on security teams trying to defend against this ever-evolving threat.

A new report from Barracuda shows new players such as Whisper 2FA and GhostFrame introduced inventive and evasive tools and tactics, including a suite of techniques to prevent analysis of their malicious code, while established groups such as Mamba and Tycoon also continued to evolve and thrive.

A new wave of attacks is hitting the JavaScript package ecosystem, specifically through open-source managers like NPM. Instead of malicious code hiding in the package itself, attackers now weaponize the install process. So, the code looks clean at build-time but later executes in end-user browsers, where it quietly steals data.

We talked to Simon Wijckmans, CEO at the client-side security and intelligence platform cside, to understand why this is happening and how organizations can respond.

Cybercriminals can use malicious insiders as a direct means to access sensitive company resources, stealing confidential data or using the access to deploy a devastating cyberattack. New research shows that they’re actively searching for insiders from various organizations via the dark web.

Over the past 12 months, the team at threat exposure platform NordStellar has identified 25 unique dark web posts seeking out insiders. A significant portion of these posts focus explicitly on insiders who work for social media or cryptocurrency platforms.

Enterprises are already seeing AI agents sharing sensitive data, overriding internal policies and making unsanctioned changes without visibility into who authorized the action or why it occurred.

Security automation company Exabeam is launching a new release to deliver a connected system of AI-driven security workflows to protect organizations from the risks of AI usage and AI agent activity.

Policy violations linked to GenAI applications more than doubled year-on-year, with the average organization now recording 223 GenAI-related data policy violations per month. Among the top 25 percent of organizations, this figure rises to 2,100 incidents per month.

A new report from Netskope Threat Labs also highlights the continued prevalence of shadow AI, despite growing investment in company-approved AI tools.

For people who like to have access to all of their emails in one handy location Gmail has long offered the facility to import messages from other accounts using POP3.

From this month that feature is going to be withdrawn. A note on Google’s support pages says, “Fetching emails from third-party accounts into your Gmail account, with POP, will no longer be supported.”

While AI promises lightning-fast transformation, many organizations are running into problems when outdated, complex networks bog down deployments, forcing costly redesigns and leaving businesses waiting months instead of weeks to implement AI at scale.

We spoke to Amir Khan, CEO at Alkira, to learn why fixing the network has become foundational to unlocking real AI value.

Generative AI (GenAI) is reshaping software development, closing the long‑standing gap between surging demand for new applications and the limited supply of skilled developers. But this AI‑driven leap in productivity comes with an unexpected twist: it’s also dissolving the traditional technological edge that once set companies apart.

So where does sustainable advantage come from in this new world? We sat down with Matthias Steiner, senior director of global business innovation at Syntax, to explore how enterprises can redefine their competitive edge in the GenAI era.