Threat report stories

Norton launches Genie scam assistant in ChatGPT, letting users tag @Norton to analyse emails, texts, images and links for fraud risks.

A stealthy BlackSanta malware spree is hijacking HR recruitment workflows, killing endpoint defence tools and exfiltrating sensitive data.

Identity-based attacks drove nearly 70% of incidents in Expel's 2026 threat report, exposing gaps between basic controls and real-world defence.

AI-fuelled hackers can now spread across corporate networks in as little as four minutes, outpacing human defenders by hours.

AI is fuelling a surge in cyber attacks, with CrowdStrike warning criminals now move from breach to lateral movement in under 30 minutes.

Barracuda warns that unpatched firewalls and weak accounts drove 90% of 2025 ransomware attacks, as threats spread in mere hours.

Data-only extortion soars 11-fold as attackers 'log in instead of break in', abusing remote access tools for faster, stealthier raids.

Security complexity calls for frameworks like MITRE ATT&CK and SonicWall solutions to build resilient defences, consolidating vendors and enhancing response.

Invisible AI failures, such as hallucinations and accuracy issues, threaten enterprise trust, with 82% of bugs traced to these hidden errors, Testlio finds.

Rapid7's report reveals cyber threats evolving with AI-powered phishing, rising ransomware alliances, and faster exploitation of vulnerabilities worldwide.

The global financial sector faces a 25% surge in cyberattacks for 2024, with nearly 45% of employees prone to phishing, raising critical human risk concerns.

Cloudflare blocked a record 7.3 Tbps DDoS attack in Q2 2025 amid a 44% annual rise in attack severity, highlighting growing cyber threats to critical sectors.

Researchers from HP have uncovered a rise in fake CAPTCHA challenges used by cybercriminals to install malware, exploiting users' increased online click tolerance.

A recent report by Arctic Wolf reveals cybercriminals are evolving their tactics, with 96% of ransomware cases now involving data theft to maximise ransom pressure.

The OpenText 2024 report reveals rising collaboration between nation-states and cybercrime groups, posing a serious threat to global supply chains.

Almost 40% of systems tested by Picus Security are vulnerable to complete takeover, with macOS being notably weaker in stopping cyber-attacks.

Cybersixgill debuts its AI-powered IQ Report Generator, offering rapid, customised threat intelligence reports, revolutionising the CTI reporting process for MSSPs and security teams.

BeyondTrust's 2024 Microsoft Vulnerabilities Report shows Elevation of Privilege (EoP) dominating the vulnerability class for a fourth year.

The Threat Spotlight report by Barracuda Networks reveals a surge in cyberattacks exploiting web application security gaps, with over 18 billion attacks mitigated in 2023.

Google Cloud's 2024 Threat Horizons Report identifies credential misuse, cryptomining, ransomware, and data theft as the key cloud-related threats, citing the need for stringent defensive strategies.