Filings

Lloyds Banking Group's security director shared at Infosecurity Europe how the bank actually deploys agentic AI in production. Eleven 'AI bets', a twelfth dedicated to security. Signed tools the agents cannot create. An internal agent marketplace. The world's first production red-team environment using OWASP Top 10 for agentic AI. They saw agent hijack.

Microsoft's threat intelligence team has tracked phishing campaigns built around ChatGPT, Claude, DeepSeek, and Copilot. A South African ChatGPT-themed wave hit 100,000 mailboxes a day. A Claude-themed wave reached 2,000 organisations across the US, UK, and India. The brand is the lure, the payload is the same old stealer.

The FBI's 2025 internet crime report logged $20.9 billion of reported losses, a 26% rise on 2024. Investment fraud is the largest category at $8.6 billion. Business email compromise is the largest enterprise threat at $3 billion. Ransomware, by reported loss, is smaller than either. The shape of the numbers is the story.

Barclays surveyed 1,000 UK business leaders in April. Sixty-eight per cent plan to spend more on cyber security in the next year. Twenty-six per cent say AI brings new risks they cannot answer. Average spend hits £505,000, but a micro business spends £15,000 and a large one spends £1.3 million. The numbers underneath the headline are the more useful ones.

BNP Paribas spent up to €2 million a year on data copying, transformation, and reconciliation across 64 countries. Adding a new data source took more than a year. The fix, announced this month, was to stop copying the data and let consumers query it where it lives. The principle scales down to any SME with more than one system.

On 2 June the UK launched its first new payment scheme since Faster Payments in 2008. Thirty-one founding members, the big nine banks, GoCardless, TrueLayer, Token.io, Yapily. The target is the £1.5 billion a year that UK merchants pay Visa and Mastercard. Wave one is utilities, government, and charities. Wave two is the rest of e-commerce.

London Tech Week 2026 closed with around £7 billion of announced AI investment, £1.1 billion of it a government hardware plan, £200 million for adoption and skills, and £150 million tied to a fund managed by a former Intel CEO. Most of it goes to large companies. A useful slice is reachable by smaller ones.

Railway, a developer platform spending $24 million a year on Google Cloud, was switched off without warning for eight hours. Uber burned through its 2026 AI budget by mid-April. One Dell employee racked up $3,400 of token costs in a day. The numbers behind 'post-cloud' are real, even if the term is over-marketed.

The government finally announced a statutory defence for security researchers under the Computer Misuse Act. The defence covers around 300 people. The UK has 70,000 cybersecurity professionals. The number you remember from this filing is 0.4%.

The attacker already has the password. They press the login button. Your phone buzzes. They press it again. It buzzes again. Five times. Twenty. Two hundred. At three in the morning. Eventually somebody taps approve, just to make it stop. That's how Uber lost its single-sign-on, and it's how a lot of UK firms will lose theirs.

Two-thirds of open-source maintainers do not know the Cyber Resilience Act exists. Most UK firms shipping software into the EU haven't checked whether it applies to them. The deadline is December 2027 and the obligations include something most SMEs do not yet produce: a software bill of materials.

UK workers use AI for almost everything and report it saves them twelve hours a week. They also spend 6.4 hours a week fixing what it produced. Eighty per cent of UK IT leaders just had an unplanned AI cost increase. The numbers underneath the productivity story are sharper than the headlines.

Vulnerability exploitation is now the leading cause of breaches. AI is finding bugs faster than anyone can triage them. Time-to-exploit has gone from 840 days to under two. CISA has rewritten the federal patching rules. If your patching process still runs off CVSS scores, it is solving last year's problem.

The NCSC published two pieces of guidance in a fortnight that an SME owner can actually use. One is about agentic AI, the kind that takes actions on your behalf. The other is about zero trust network access. Both share the same underlying advice: the user's location stopped being a security signal a while ago.

Gov.uk Pay is switching its payment processor from Stripe to Adyen for around 1,000 services. The interesting thing is not which provider won. It is that £9 billion of public-sector payments can be moved across at all, because the contract was designed for it.

The FBI has warned that the Silent Ransom Group is now sending people into law firm offices, claiming to be IT, then plugging a USB drive into a partner's machine. The script is short, reception lets them through, and the data leaves the building. The fix is mostly process, not technology.

From Bletchley Park on 27 May, the GCHQ director said the UK has a narrowing window to keep its technological edge, and announced a blueprint for an AI-driven national cyber defence. Read between the speech lines: the supply chain into critical infrastructure is the lever they actually have.

On 18 May the Bank of England, the FCA, and the Treasury jointly told regulated firms that frontier AI now exceeds what a skilled attacker can do. If you sell into financial services, the diligence questions you get this year are going to look different.

A single GitHub employee installed a trojanised Nx Console extension and around 3,800 internal repositories walked out. The interesting question isn't what GitHub will do next. It's what your editor and browser extensions can already reach.

Your inbox fills up with 2,000 newsletter confirmations in an hour. None of them are malicious. That's the point. The attacker is using the noise to hide a password reset, a fraudulent purchase, or a fake IT support call that lands moments later. A new EPFL paper has the data.

A new wave of startups is publishing 'AI-native' org charts where seven named LLM agents do most of the work. The first step isn't restructuring around agents. It's making your business legible enough that anything, a new hire, an auditor, or eventually an agent, could read it and act on it. AI can help you get there. Future agent costs are a reason not to skip past it.

Most AI policies are vendor templates with the company name swapped in. They ban the obvious, permit the vague, and tell you nothing about how the business actually wants AI used. A coherent policy is a short one that takes a position.

The 1990 Computer Misuse Act predates the public web. Reform has been promised for six years. The May 2026 King's Speech finally put it in a bill, bundled into the National Security Bill. Here's what's likely to change and what's still vague.

A lot of guidance is telling UK businesses they need an electronic complaint form by 19 June 2026. The statute doesn't say that. It says facilitate, and gives a form as one example. Here's what's actually required and what isn't.

A year on from the April 2025 retail attacks, the numbers are in. M&S has posted £101.6 million in direct costs and a 16.4% fall in fashion sales. The Cyber Monitoring Centre put the combined bill at £270 million to £440 million. The useful lessons for an SME are the unglamorous ones.

The NCSC has published guidance on decommissioning assets. The headline is simple: things you no longer use stop being assets and start being liabilities. The boring work of switching them off is one of the highest-value security jobs most businesses skip.

Cifas surveyed 2,000 UK employees at large companies. Nearly a quarter know someone who has fiddled expenses. One in eight know someone who has sold a login. Insider risk is a culture problem before it is a tooling problem.

The NCSC has told UK organisations to prepare for a wave of urgent patches as AI accelerates vulnerability discovery. The same week, NHS England decided the answer was to make its open source repositories private. Only one of those approaches actually fixes anything.

CVE-2026-31431 lets any local user become root on Ubuntu, RHEL, Debian, SUSE, Amazon Linux, and most other distros. The exploit fits in 732 bytes of Python. The bug has been there since 2017.

CVE-2026-41940 lets an unauthenticated attacker take root on a cPanel or WHM server. It was being exploited for around a month before the patch landed. If your website lives on shared hosting, this affects you.

The 2026 UK Cyber Security Breaches Survey says 43% of businesses had an incident in the past year. Phishing was involved in 85% of those. AI hasn't changed what works, it's just lowered the price of doing it at scale.

Two-step verification on. Domain ownership protection on. GoDaddy transferred a non-profit's 27-year-old domain to a stranger in four minutes. The lesson is about the registrar layer most businesses never think about.

Two thirds of UK organisations cannot account for what staff share with AI tools. Now agentic AI is being deployed faster than anyone can govern it. The two problems are the same problem.

Two-thirds of UK IT leaders say they have an AI exit plan. Nearly half admit switching would seriously disrupt the business. A plan you can't execute is not a plan.

The NCSC has flipped its authentication advice at CYBERUK 2026. Passkeys are now the recommended default, and password plus two-step verification is the fallback. The reasoning is worth understanding.

Tickets closed. Rules written. Logs ingested. The NCSC's Dave Chismon argues most security operations metrics actively make detection worse. The one that counts is whether you spot attacks in time.

The UK's data protection regulator is being restructured under the Data (Use and Access) Act 2025. New board, new CEO, new statutory objectives. The name is the least interesting part.

The biggest overhaul of UK security regulation since 2018 is in committee. MSPs are in scope, incident reporting gets a 24-hour clock, and fines go up to £17 million. Here's what it means in practice.

The NPSA gives away a complete, professionally designed security awareness campaign kit. Posters, booklets, checklists, and a full starter guide. Most organisations don't know it exists.

CVE-2026-2441 is actively being exploited in the wild. A use-after-free bug in CSS handling means a crafted webpage is all it takes. Push the update now.

Western Digital's entire HDD capacity for 2026 is sold out. Cloud is 89% of their revenue. HDD prices are up 46% since September. The window for sensible storage pricing is closing.

Schneier and co have reframed prompt injection as 'promptware': a full 7-stage kill chain. The uncomfortable truth: LLMs can't distinguish instructions from data. This isn't a bug you can patch.

Containment over correctness, reversibility over impact, protecting state before touching services. What your first five minutes should actually look like.

Viva.com sends verification emails missing the Message-ID header. Google Workspace and Zoho reject them. The fix is one line of code.

Microsoft's FY2025 numbers tell a clear story. Azure and M365 are two-thirds of revenue. Windows is about 6%. This is a cloud and productivity company.

Notepad++ had its update service hijacked by state-sponsored attackers. Windows Notepad got a CVSS 8.8 command injection. Two editors, two attack vectors, same lesson.

Global Telnet scanning dropped overnight in January 2026. Days later, a critical telnetd authentication bypass was disclosed. The protocol is old. The lesson is current.

A plain-English walkthrough of the five Cyber Essentials controls, what the assessment looks like, and what it does and doesn't prove about your security.