Security Insights

Breaches, ransomware and regulation — analysed the day they break, with the practical lessons your team can act on. Free to read, no account required.

A photoreal close-up of a modern desktop computer screen in a dimly lit office showing a Windows security alert notifica
Vulnerabilities
4 min read
9 Jul 2026

RoguePlanet: Microsoft Patches Defender Zero-Day After Researcher Goes Public in Disclosure Feud

A privilege-escalation flaw tracked as CVE-2026-50656 gave attackers full SYSTEM access on fully patched Windows 10 and Windows 11 machines, and a working exploit was already on the internet before Microsoft shipped the fix.

A photoreal editorial scene inside a modern UK bank compliance office, daytime, neutral tones, a financial analyst in bu
Regulation
4 min read
9 Jul 2026

A £5 Million Crypto Gift to Nigel Farage Triggered a Formal Money-Laundering Alert to the UK's National Crime Agency

Banks that processed the payment filed a Suspicious Activity Report. The Reform UK leader now faces scrutiny from two separate official bodies at the same time.

A photoreal close-up of a developer's hands typing at a mechanical keyboard in a dimly lit office, with multiple termina
Threats
4 min read
8 Jul 2026

17 Fake Payment SDKs on npm and PyPI Stole API Keys and Cloud Credentials from Developers

A single attacker planted 17 counterfeit packages impersonating Paysafe, Skrill and Neteller on the two largest public code registries, silently harvesting secrets from any developer who installed them.

A photoreal editorial close-up of a server rack in a dimly lit data centre, with one rack unit bathed in a subtle red wa
Vulnerabilities
4 min read
8 Jul 2026

CISA Orders Patch for Critical Adobe ColdFusion Flaw and Three Other Actively Exploited Bugs

A perfect-10 severity vulnerability in Adobe ColdFusion is among four flaws now confirmed as actively exploited, putting federal agencies and private organisations on a tight patching deadline.

A tired young man sitting alone in a parked car late at night, one hand holding a smartphone showing an incoming call, s
Threats
4 min read
8 Jul 2026

Fake DoorDash Calls Are Draining Gig Workers' Earnings in Australia

Criminals posing as platform support staff are using vishing and brute-force account takeover to steal wages from delivery drivers. The Transport Workers Union has already recovered more than $50,000 in stolen pay.

A photoreal close-up of a tangled web of illuminated blue fiber optic cables connecting multiple small white Wi-Fi route
Threats
4 min read
7 Jul 2026

UAT-7810: How Chinese Hackers Are Turning Unpatched Routers Into a Spy Network

Cisco Talos has exposed a China-linked group that hijacks Ruckus and ASUS routers through known, unpatched vulnerabilities to build a hidden relay network for multiple state-aligned spying operations.

A photoreal editorial scene inside a dimly lit corporate server room at night, rows of blinking rack-mounted servers cas
Vulnerabilities
5 min read
7 Jul 2026

BeyondTrust Patches Two Critical Pre-Authentication Flaws in Remote Support and Privileged Access Tools

Attackers need no password to exploit CVE-2026-40138, rated 9.2 out of 10. Every self-hosted BeyondTrust appliance is exposed until patched.

A close-up photoreal editorial scene of a smartphone lying on a wooden table, its screen displaying a colourful but slig
Threats
4 min read
7 Jul 2026

FTC Warns: Fake Party Invitations Are the Latest Phishing Hook

Criminals are disguising phishing attacks as wedding and birthday RSVPs. The Federal Trade Commission says victims are handing over passwords and payment details without realising the invitation was never real.

A photorealistic editorial scene showing a corporate office worker at a modern desk looking uncertain at a laptop screen
Threats
5 min read
6 Jul 2026

Fake IT Support Calls on Microsoft Teams Are Dropping EtherRAT Malware on Corporate PCs

Palo Alto Networks' Unit 42 has documented an active attack chain where criminals call employees over Teams, impersonate the IT helpdesk, and install a Node.js trojan that hides its command server inside an Ethereum blockchain.

A wide-angle photoreal editorial scene of an empty wood-panelled parliamentary chamber at dusk, rows of green leather be
Regulation
5 min read
6 Jul 2026

Convicted Fraudster Gave Undeclared Staff and Property to UK Politician, Investigation Claims

Reform UK leader Nigel Farage is under parliamentary scrutiny after a newspaper investigation alleged he accepted security staff, social media workers, and use of a London property from George Cottrell, who pleaded guilty to US wire fraud in 2017, without registering the support with Parliament.

A wide-angle photoreal editorial scene of a formal wood-panelled British political chamber, empty leather benches and a
Regulation
4 min read
6 Jul 2026

Undeclared Gifts and Political Influence: What the Farage-Cottrell Affair Tells Us About Transparency Failures

Reform UK's Robert Jenrick confirmed that party leader Nigel Farage accepted gifts including staff, security, and accommodation from George Cottrell, a convicted fraudster, without registering them in the parliamentary interests register.

A photorealistic editorial scene of a lone software developer sitting at a dimly lit workstation at night, multiple code
Threats
4 min read
5 Jul 2026

108 Poisoned Packages: North Korea's PolinRider Campaign Targets Developer Supply Chains

The Contagious Interview crew has seeded npm, Packagist, Go, and the Chrome Web Store with 108 malicious packages and extensions — all aimed at the developers who build software for crypto firms, banks, and tech companies.

Ready to Reduce Your Human Cyber Risk?

Sign up and start training your team in minutes. No sales calls, no demos — just pick a plan and go. Phishing simulations, video courses, and certificates from day one.

train2secure analytics dashboard showing training completion stats and user progress