Threat report stories

Blackpoint Cyber warns attackers are increasingly slipping in through trusted credentials, VPNs and remote tools, with fake CAPTCHA scams leading incidents.

Resemble AI unveils free Chrome extension and X bot as chief executive officer Zohaib Ahmed warns synthetic media risks are widening across businesses.

Gcore warns DDoS attacks hit 1.3 million in late 2025 as brief, high-volume floods and longer app assaults expose more sectors to risk.

AI-fuelled cyber attacks are spreading faster worldwide, CrowdStrike warns, as breakout times plummet and criminals weaponise mainstream tools.

BAE unveils BATS counter-drone system, blending software, electronic warfare and kinetic tools to tackle escalating uncrewed threats.

Norton launches Genie scam assistant in ChatGPT, letting users tag @Norton to analyse emails, texts, images and links for fraud risks.

A stealthy BlackSanta malware campaign is hijacking CVs and HR hiring flows to kill EDR tools at kernel level and exfiltrate data.

A stealthy BlackSanta malware spree is hijacking HR recruitment workflows, killing endpoint defence tools and exfiltrating sensitive data.

Identity-based attacks drove nearly 70% of incidents in Expel's 2026 threat report, exposing gaps between basic controls and real-world defence.

AI-fuelled hackers can now spread across corporate networks in as little as four minutes, outpacing human defenders by hours.

AI is fuelling a surge in cyber attacks, with CrowdStrike warning criminals now move from breach to lateral movement in under 30 minutes.

Barracuda warns that unpatched firewalls and weak accounts drove 90% of 2025 ransomware attacks, as threats spread in mere hours.

Most ransomware-hit firms now refuse to pay, as Arctic Wolf reports an 11-fold surge in data-only extortion and booming remote access abuse.

Data-only extortion soars 11-fold as attackers 'log in instead of break in', abusing remote access tools for faster, stealthier raids.

Security complexity calls for frameworks like MITRE ATT&CK and SonicWall solutions to build resilient defences, consolidating vendors and enhancing response.

Invisible AI failures, such as hallucinations and accuracy issues, threaten enterprise trust, with 82% of bugs traced to these hidden errors, Testlio finds.

Rapid7's report reveals cyber threats evolving with AI-powered phishing, rising ransomware alliances, and faster exploitation of vulnerabilities worldwide.

The global financial sector faces a 25% surge in cyberattacks for 2024, with nearly 45% of employees prone to phishing, raising critical human risk concerns.

Fake pharmacies and AI-powered scams surge in UK cyber threats, with over 5,000 bogus sites and a 340% rise in financial scams targeting users.

Cloudflare blocked a record 7.3 Tbps DDoS attack in Q2 2025 amid a 44% annual rise in attack severity, highlighting growing cyber threats to critical sectors.