asked

AI budgets soar, ROI still elusive

The EU CRA – Treating Cybersecurity as Product Liability

AndyC 30 March 2026

For years, cybersecurity law has mostly behaved like tort law after a car crash. It asked who got hurt,...

Read More

Decentralized Identity and Verifiable Credentials: The Enterprise Playbook 2026

Decentralized Identity and Verifiable Credentials: The Enterprise Playbook 2026

AndyC 17 March 2026

A patient walks into a new hospital. At the front desk, they are asked to fill in their insurance...

Read More

What Boards Must Demand in the Age of AI-Automated Exploitation

What Boards Must Demand in the Age of AI-Automated Exploitation

AndyC 12 March 2026

“You knew, and you could have acted. Why didn’t you?” This is the question you do not want to be...

Read More

SANDWORM_MODE: The Rise of Adaptive Supply Chain Worms

SANDWORM_MODE: The Rise of Adaptive Supply Chain Worms

AndyC 3 March 2026

Earlier this year, we asked our team where they expect open source cyberattacks to go next. Sonatype Principal Security...

Read More

NDSS 2025 – Siniel: Distributed Privacy-Preserving zkSNARK

SANDWORM_MODE: The Rise of Adaptive Supply Chain Worms

AndyC 3 March 2026

Earlier this year, we asked our team where they expect open source cyberattacks to go next. Sonatype Principal Security...

Read More

Mobile app permissions (still) matter more than you may think

Mobile app permissions (still) matter more than you may think

AndyC 28 February 2026

Mobile Security Start using a new app and you’ll often be asked to grant it permissions. But blindly accepting them...

Read More

Vendor News

Eeny, meeny, miny, moe? How ransomware operators choose victims

AndyC 29 January 2026

Counter Threat Unit™ (CTU) researchers are frequently asked about ransomware groups posing a threat to organizations in specific verticals or...

Read More

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

AndyC 15 April 2026

If you’ve been the victim of fraud, you’re likely already a lead on a ‘sucker list’ – and if you’re not careful, your ordeal may...

Read More

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

AndyC 15 April 2026

If you’ve been the victim of fraud, you’re likely already a lead on a ‘sucker list’ – and if you’re not careful, your ordeal may...

Read More

As breakout time accelerates, prevention-first cybersecurity takes center stage

As breakout time accelerates, prevention-first cybersecurity takes center stage

AndyC 8 April 2026

Business Security Threat actors are using AI to supercharge tried-and-tested TTPs. When attacks move this fast, cyber-defenders need to rethink their own strategy. Phil Muncaster...

Read More

Digital assets after death: Managing risks to your loved one’s digital estate

Digital assets after death: Managing risks to your loved one’s digital estate

AndyC 2 April 2026

Digital Security Fraudsters often target the accounts of the deceased or their grieving relatives. Here’s how to keep the scammers at bay. Phil Muncaster 01...

Read More

This month in security with Tony Anscombe – March 2026 edition

This month in security with Tony Anscombe – March 2026 edition

AndyC 1 April 2026

The past four weeks have seen a slew of new cybersecurity wake-up calls that showed why every organization needs a well-thought-out cyber-resilience plan 31 Mar...

Read More

RSAC 2026 wrap-up – Week in security with Tony Anscombe

RSAC 2026 wrap-up – Week in security with Tony Anscombe

AndyC 28 March 2026

This year, AI agents took the center stage – as a defensive capability, but more pressingly as a risk many organizations haven't caught up with...

Read More

Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

AndyC 16 April 2026

Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

AndyC 16 April 2026

Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

AndyC 16 April 2026

Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

AndyC 16 April 2026

Business Logic Flaws: The Silent Threat in Modern Web Applications

AI and Executive Protection: New Risks, New Defenses

AndyC 16 April 2026