Recent high-profile attacks have placed increased emphasis on the software supply chain and the need to understand where code has originated.

A developer's coding style is as unique as their fingerprint and, thanks to artificial intelligence, it’s possible to identify an author based on a short code segment. Felix Mächtle, a researcher at the University of Lübeck and member of the AI Grid research network, has developed a tool that does just that. We spoke to him to learn more.

Continue reading →

The manufacturing industry is the most targeted industry for cyberattacks and this has has now been the case for four consecutive years.

A new study from KnowBe4 shows that this combined with the manufacturing sector’s expanding digital footprint is putting operations, intellectual property, and economic resilience at risk from critical vulnerabilities.

Continue reading →

Organizations are continuing to struggle to identify and address security vulnerabilities in hybrid identity systems such as Active Directory, Entra ID, and Okta.

This is among the findings of a new report, from AI-powered identity security and cyber resilience company Semperis, which is based on results from Purple Knight a free Active Directory security assessment tool by Semperis that has been downloaded by 45,000+ organizations.

Continue reading →

Operational technology (OT) can often be a cybersecurity weak spot for enterprises, relying as it does on older hardware and operating systems that are hard to update.

It’s no surprise then that a new report from Fortinet shows there has been a significant increase in the global trend towards corporations planning to integrate cybersecurity under the CISO or other executives.

Continue reading →

As generative AI tools have become more powerful, affordable and accessible, cybercriminals are increasingly adopting them to support attacks, these range from business fraud to extortion and identity theft.

A new report from Trend Micro shows that deepfakes are no longer just hype but are being used in real-world exploitation, undermining digital trust, exposing companies to new risks, and boosting the business models of cybercriminals.

Continue reading →

Although enterprise AI investment continues to accelerate, executive confidence in the strategies guiding this transformation is falling according to a new report.

The research from Akkodis, looking at the views of 500 global Chief Technology Officers (CTOs) among a wider group of 2,000 executives, finds that overall C-suite confidence in AI strategy dropped from 69 percent in 2024 to just 58 percent in 2025. The sharpest declines are reported by CTOs and CEOs, down 20 and 33 percentage points respectively.

Continue reading →

Mainstream developers and users are increasingly seeking alternatives to big tech’s centralized servers and cloud-based systems.

Issues like data breaches, censorship, and monopolization are driving this trend. We spoke to Mathias Buus Madsen, CEO of Holepunch, about why decentralization matters and how we can expect the trend to develop.

Continue reading →

According to the Office for National Statistics, in late May 2025, 77 percent of UK businesses with 10 or more employees reported that their staffing costs, covering wages, bonuses, national insurance (NI) and pension contributions, had increased over the preceding three months; a rise of 41 percent since late February 2025, and a 17 percent rise from the year before.

In the light of this Brian Sibley, Virtual CTO at Espria, says clear and concise billing models for the cloud are needed for a wholly comprehensive understanding and urges businesses to urgently assess their MS Azure subscriptions to reduce costs and improve services.

Continue reading →

Supply chain security company Sonatype has released the Q2 2025 edition of its Open Source Malware Index, uncovering 16,279 malicious open source packages across major ecosystem.

This brings the total number of open-source malware packages Sonatype has discovered to 845,204. Compared to the end of the same quarter last year, the total volume of malware logged by Sonatype has surged 188 percent, underscoring the growing sophistication and scale of attacks aimed at developers, software teams, and CI/CD pipelines.

Continue reading →

Advanced phishing kits and info-stealing malware have accounted for a 156 percent jump in cyberattacks targeting user logins.

A new report from cybersecurity company eSentire shows attackers are increasingly opting for obtaining login credentials and session cookies via phishing or malware. This then allows them to carry out Business Email Compromise (BEC) attacks, gain access to bank accounts, or steal cryptocurrency.

Continue reading →

Microsoft Active Directory (AD) turned 25 earlier this year -- remarkable longevity in the technology world. It’s the identity backbone for more than 80 percent of enterprises, meaning a breach could be catastrophic.

We spoke to Sean Deuby, principal technologist at Semperis, to look at the top considerations for protecting AD for the future, as most organizations he talks to have no plans to move on from the aging technology.

Continue reading →

Earlier this week we looked at the use of AI in recruiting and retaining staff. But that was from the business point of view. What about the other side of the coin, can you -- should you -- use AI when applying for a job?

The UK government clearly thinks so. New guidelines on the Civil Service Careers website say that tools like ChatGPT, Copilot and Gemini can be used to, “enhance your application and prepare for the process”. However it goes on to caution that AI shouldn’t be used to, “provide misleading or false information at any stage of the application journey.”

Continue reading →

As summer travel plans ramp up, so do concerns around identity theft, fraud, and safety – especially as travelers engage with everything from airlines to Airbnbs, ride shares to public Wi-Fi.

We spoke to Bala Kumar, chief technology and product officer at Jumio, to discuss the AI-powered scams threatening enterprises' customers this summer, and how businesses can ensure safe, secure, and efficient identity verification.

Continue reading →

We’re all familiar with the idea of TLS/SSL security certificates that verify the identity of a website and ensure trust and security on the web by confirming that the site you’re visiting is what it says it is.

Usually these relate to the domain name of the site, since that’s how most people gain access, indeed if you type in the underlying IP address instead you’ll often get an error because of the lack of a certificate.

Continue reading →

AI is revolutionizing how software gets built, making the process faster, smarter, and more autonomous. But it also introduces more risk than we’ve ever seen and challenges application security, which wasn’t designed for AI-driven development processes.

In response to this Legit Security is launching Legit MCP (Model Context Protocol) Server. This new offering brings application security posture management (ASPM) to AI-led development, making vulnerability management simpler.

Continue reading →