A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into downloading malware. [...]
The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework for building AI agents. [...]
The Coruna exploit kit is an evolution of the framework used in the Operation Triangulation espionage campaign, which in 2023 targeted iPhones via zero-click iMessage exploits. [...]
GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. [...]
Citrix has patched two NetScaler ADC and NetScaler Gateway vulnerabilities, one of which is very similar to the CitrixBleed and CitrixBleed2 flaws exploited in zero-day attacks in recent years. [...]
An NCSC assessment highlighting the impacts on cyber threat from AI developments between now and 2027.
Research from the NCSC designed to eradicate vulnerability classes and make the top-level mitigations easier to implement.
An NCSC assessment focusing on how AI will impact the efficacy of cyber operations and the implications for the cyber threat over the next two years.
Key findings and full report from the 6th year of the Active Cyber Defence (ACD) programme.
An updated report from the NCSC explaining how UK law firms - of all sizes - can protect themselves from common cyber threats.
Report informing readers about the threat to UK industry and society from commercial cyber tools and services.
This report outlines the risks associated with the use of official and third party app stores.
The 2nd joint report between the NCSC and KPMG UK benchmarks against the 2020 findings to gauge what progress has been made.
The year four report covers 2020 and aims to highlight the achievements and efforts made by the Active Cyber Defence programme.
The year three report covers 2019 and aims to highlight the achievements and efforts made by the Active Cyber Defence programe.
Technical report on best practice use of this fundamental data routing protocol.
Joint report between the NCSC and KPMG UK is the first in a series to benchmark and track levels of diversity and inclusion in the cyber security industry.
The NCSC report highlights the cyber threats faced by the sports sector and suggests how to stop or lessen their impact on organisations.
A summary of the NCSC’s analysis of the May 2020 US sanction which caused the NCSC to modify the scope of its security mitigation strategy for Huawei.
NCSC technical paper about the privacy and security design of the NHS contact tracing app developed to help slow the spread of coronavirus.