Patching stories

Rising UK cyber attacks show training alone is failing; firms must embed behavioural security cues into daily work to cut human risk.

Hybrid IT sprawl is driving “structural stress” for sysadmins as security risks rise, responsibilities grow and control over tools shrinks.

New Coruna exploit kit shows outdated iOS devices face automated, scalable attacks that can turn compromised phones into corporate gateways.

LevelBlue and Tenable have teamed up to launch a tiered exposure management service giving MSPs continuous, risk-based visibility.

Acronis finds SMBs patch Microsoft flaws in about eight days, but the slowest endpoints stay exposed to known bugs for over five weeks.

Codific warns power grids face repeat cyberattack patterns and urges utilities to bolster resilience to outages and cascading disruption.

Targa Telematics moves core systems to Equinix data centres in Milan and Frankfurt to bolster data sovereignty, resilience and growth.

Datadog warns 87% of organisations run software with exploitable flaws as ageing code, fast releases and automation amplify DevSecOps risk.

CIQ unveils RLC Pro, a paid Rocky Linux subscription promising long-term support, FIPS-ready security and vendor-backed bug fixes.

Splashtop has integrated its Autonomous Endpoint Management with CrowdStrike Falcon, unifying Windows endpoint status for IT and security teams.

Security debt hits 82% of organisations as legacy flaws linger over a year, with third-party code driving most critical vulnerabilities.

AI-fuelled ransomware, rapid cloud intrusions and identity abuse are transforming cyber risk, slashing response times for defenders.

Tenable warns cloud and AI adoption is creating a widening 'zero‑margin' security gap as exposure grows faster than defenders can respond.

Barracuda warns that unpatched firewalls and weak accounts drove 90% of 2025 ransomware attacks, as threats spread in mere hours.

Cyber attacks on industrial systems in 2025 shifted from quiet spying to coordinated operations aiming to disrupt critical infrastructure.

Data-only extortion soars 11-fold as attackers 'log in instead of break in', abusing remote access tools for faster, stealthier raids.

Arctic Wolf says attackers are actively exploiting a critical BeyondTrust vulnerability in self-hosted remote access systems.

Most households leave router admin passwords unchanged, prompting insurer Everywhen to issue a 10‑step guide to secure home Wi‑Fi.

A newly uncovered SSHStalker botnet uses old-school IRC and legacy Linux exploits to hijack outdated corporate and cloud hosts at scale.

Microsoft rolls out fixes for 55 Windows flaws, including six exploited zero-days hitting Shell, MSHTML, Word and key desktop services.