Infosec In Brief The UK’s National Cyber Security Centre (NCSC) has found that cyber-deception tactics such as honeypots and decoy accounts designed to fool attackers

A Microsoft zero-day vulnerability that allows an unprivileged user to crash the Windows Remote Access Connection Manager (RasMan) service now has a free, unofficial patch

If you’re running React Server Components, you just can’t catch a break. In addition to already-reported flaws, newly discovered bugs allow attackers to hang vulnerable

Business Security Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found Tony Anscombe 12 Dec 2025  • 

Microsoft is overhauling its bug bounty program to reward exploit hunters for finding vulnerabilities across all its products and services, even those without established bounty

The US is suing a former senior manager at Accenture for allegedly misleading the government about the security of an Army cloud platform. Danielle Hillmer,

Civil society groups are urging the UK’s data watchdog to investigate whether the Home Office’s digital-only eVisa scheme is breaching GDPR, sounding the alarm about

Half of the internet-facing systems vulnerable to a fast-moving React remote code execution flaw remain unpatched, even as exploitation has exploded into more than a

Terraform Labs founder Do Kwon will spend 15 years in jail after pleading guilty to committing fraud. Kwon’s company created a token called Terra USD

Terraform Labs founder Do Kwon will spend 15 years in jail after pleading guilty to committing fraud. Kwon’s company created a token called Terra USD

CyberVolk, a pro-Russian hacktivist crew, is back after months of silence with a new ransomware service. There’s some bad news and some good news here.

Google issued an emergency fix for a Chrome vulnerability already under exploitation, which marks the world’s most popular browser’s eighth zero-day bug of 2025. We

The UK’s Information Commissioner’s Office (ICO) says LastPass must cough up £1.2 million ($1.6 million) after its two-part 2022 data breach compromised information from up

Business Security Being seen as reliable is good for ‘business’ and ransomware groups care about ‘brand reputation’ just as much as their victims Tony Anscombe

A security researcher specializing in tracking China threats claims two of Salt Typhoon’s members were former attendees of a training scheme run by Cisco. SentinelLabs’

A security researcher specializing in tracking China threats claims two of Salt Typhoon’s members were former attendees of a training scheme run by Cisco. SentinelLabs’

Docker Hub has quietly become a treasure trove of live cloud keys and credentials, with more than 10,000 public container images exposing sensitive secrets from

I recently had, what I thought, was a unique brainwave. (Spoiler alert: it wasn’t, but please read on!) As a marketing leader at ESET UK,