Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote access trojan (RAT). The list of identified packages, is below –... Read more »

Xsolis Data Breach Impacts 1.4 Million People

Xsolis disclosed a breach affecting 1.4M people after a phishing attack exposed personal and health data from its hospital clients’ systems. Healthcare tech company Xsolis, Inc. has disclosed a... Read more »

ShapedPlugin Supply Chain Attack Backdoors Pro Plugin Updates

Attackers backdoored ShapedPlugin Pro updates, deploying malware that steals credentials, 2FA secrets, and grants full site access. If you installed a ShapedPlugin Pro plugin between April and June 2026... Read more »

South Essex councils deploy IoT networks to power smart city services

Councils create a shared regional network to help roll out smarter local services faster and at lower cost, with the project delivered £40,000 under budget while achieving 98% regional coverage Read more »

Squidbleed: 29-Year-Old Squid Bug Leaks User Credentials

Squidbleed is a 29-year-old Squid Proxy flaw that can leak credentials, tokens, and other users’ HTTP data through a memory overread. Researchers at Calif.io have disclosed CVE-2026-47729, a memory... Read more »

The brain was never just a language model

The future of AI: the brain is much more than a large language model. It is a fusion engine, able to weigh multiple streams of data at the same... Read more »

Roundtable: UK tech chiefs on agentic AI, workforce culture and tokenomics

Tech leaders from THG Ingenuity, Kingfisher, Rightmove and Deloitte speak at the Google Summit London about the transition to agentic systems and the rising focus on token costs Read more »

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim’s project hijack the victim’s machine learning model upload and... Read more »

Why sovereign cloud is a marketing fix, not an architectural one

Sovereign cloud wrappers fail against physical and legal risks. True sovereignty requires building mathematically-enforced, multi-jurisdictional infrastructure, not vendor contracts Read more »

Ransomware bans won’t stop ransomware. Resilience might

Proposals to ban UK government organisations from paying ransomware gangs appear to have lost momentum. The conversation should move towards making critical systems more resilient to attack Read more »
Subscribe to our Newsletter