Casio Website Infected With Skimmer
A threat actor has infected the website of Casio UK and 16 other victims with a web skimmer that altered the payment flow to harvest and exfiltrate visitors’ information, web security provider Jscrambler reports.
Passkeys: they're not perfect but they're getting better
Now we’re in 2025, a lot more services are offering passkeys as a replacement for passwords and the NCSC believes they are the future of modern authentication. However, there are still some significant bumps in the road ahead. Here we set out the case for mass adoption of passkeys and outline the remaining issues which are hindering their widespread implementation. The NCSC will work alongside industry to help resolve these problems and help to get passkeys over the line.
Ministers consider ban on all UK public bodies making ransomware payments | Cybercrime | The Guardian
Prohibition would bring the NHS, schools and local councils into line with government departments
UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks | TechCrunch
Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent
Inside Operation Destabilise: How a ransomware investigation linked Russian money laundering and street-level drug dealing
U.K. investigators tell the story of how examining a cybercrime group's extortion funds helped to unravel a money-laundering network reaching from the illegal drug trade to Moscow's elite.
Ransomware hackers target NHS hospitals with new cyberattacks
Two NHS trusts in England have been hacked in recent weeks, the latest attacks to hit the national health service.
UK hospital network postpones procedures after cyberattack
Major UK healthcare provider Wirral University Teaching Hospital (WUTH), part of the NHS Foundation Trust, has suffered a cyberattack that caused a systems outage leading to postponing appointments and scheduled procedures.
UK drinking water supplies disrupted by record number of undisclosed cyber incidents
A record number of cyber incidents impacted Britain’s critical drinking water supplies this year without being publicly disclosed, according to information obtained by Recorded Future News. The exact nature of these incidents is unclear, and they may include operational failures as well as attacks. Under British cybersecurity laws — known as the NIS Regulations — critical infrastructure companies are required to report “significant incidents” to the government within three days or face a fine of up to £17 million ($21 million).
Cyberattack disables tracking systems and panic alarms on British prison vans
Microlise, a telematics company, said a network intrusion affected services that it provides to British prisoner escort vans.
Lynx Ransomware: A Rebranding of INC Ransomware
Discover recent attacks using Lynx ransomware, a rebrand of INC, targeting multiple crucial sectors in the U.S. and UK with prevalent double-extortion tactics. Discover recent attacks using Lynx ransomware, a rebrand of INC, targeting multiple crucial sectors in the U.S. and UK with prevalent double-extortion tactics.
British intelligence services to protect all UK schools from ransomware attacks
GCHQ's National Cyber Security Centre (NCSC) is rolling out a free service that will help protect schools from connecting to malicious internet domains.
UK Ambulance Services targeted by Kremlin-protected Russian hackers
A cyber security expert warns the hack, uncovered by i, presents a 'terrible threat to public health safety'
Further Evil Corp cyber criminals exposed, one unmasked as LockBit affiliate - National Crime Agency
Sixteen individuals who were part of Evil Corp, once believed to be the most significant cybercrime threat in the world, have been sanctioned in the UK, with their links to the Russian state and other prolific ransomware groups, including LockBit, exposed. Sanctions have also been imposed by Australia and the US, who have unsealed an indictment against a key member of the group.
U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex
The United States today unveiled sanctions and indictments against the alleged proprietor of Joker's Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The…
New Criminal Complaint Over Pegasus Spyware Hacking of journalists and activists in the UK
Four victims of Pegasus spyware in the UK have this week filed a criminal complaint with the Metropolitan Police.
Qilin ransomware attack on Synnovis impacted over 900K patients
The personal information of a million individuals was leaked online following a ransomware attack that in June hit NHS hospitals in London.
UK arrests teen linked to Transport for London cyber attack
U.K.'s National Crime Agency says it arrested a 17-year-old teenager who is suspected of being connected to the cyberattack on Transport for London, the city's public transportation agency.
Data centres as vital as NHS and power grid, government says
Data centres in the UK are to be classified as critical national infrastructure, joining the emergency services, finance and healthcare systems, and energy and water supplies. It means they would get extra government support during a major incident, such as a cyber attack, an IT outage or extreme weather, in order to minimise disruption.
TfL confirms 5,000 customers' bank data exposed
Transport for London's ongoing cyber incident has taken a dark turn as the organization confirmed that some data, including bank details, might have been accessed, and 30,000 employees' passwords will need to be reset via in-person appointments.
Owners of 1-Time Passcode Theft Service Plead Guilty
Three men in the United Kingdom have pleaded guilty to operating otp[.]agency, a once popular online service that helped attackers intercept the one-time passcodes (OTPs) that many websites require as a second authentication factor in addition to passwords. Launched in…
Cybercriminals operating ransomware as a service from overseas continue to be responsible for most high-profile cybercrime attacks against the UK
The deployment of ransomware remains the greatest serious and organised cybercrime threat, the largest cybersecurity threat, and also poses a risk to the UK’s national security. Ransomware attacks can have a significant impact on victims due to financial, data, and service losses, which can lead to business closure, inaccessible public services, and compromised customer data. Threat actors are typically based in overseas jurisdictions where limited cooperation makes it challenging for UK law enforcement to disrupt their activities.
Open letter to UK online service providers
Today we've published an open letter to online service providers operating in the UK about the increased risk of their platforms being used to stir up hatred, provoke violence and commit other offences under UK law, in the context of recent acts of violence in the UK.
How the theft of 40M UK voter register records was entirely preventable
A scathing rebuke by the U.K. data protection watchdog reveals what led to the compromise of tens of millions of U.K. voters' information.
NCA infiltrates DDoS-for-hire site as suspected controller arrested in Northern Ireland
The U.K.'s National Crime Agency said it disrupted DigitalStress, a DDoS-for-hire operation that has been “responsible for tens of thousands of attacks every week across the globe.”
Teenage suspect in MGM Resorts hack arrested in Britain
The West Midlands Police said U.K. agencies — in coordination with the FBI — arrested a 17-year-old suspect in a breach that upended MGM's operations last year on the Las Vegas Strip.
APT41 Has Arisen From the DUST
- In collaboration with Google’s Threat Analysis Group (TAG), Mandiant has observed a sustained campaign by the advanced persistent threat group APT41 targeting and successfully compromising multiple organizations operating within the global shipping and logistics, media and entertainment, technology, and automotive sectors. The majority of organizations were operating in Italy, Spain, Taiwan, Thailand, Turkey, and the United Kingdom. APT41 successfully infiltrated and maintained prolonged, unauthorized access to numerous victims' networks since 2023, enabling them to extract sensitive data over an extended period. APT41 used a combination of ANTSWORD and BLUEBEAM web shells for the execution of DUSTPAN to execute BEACON backdoor for command-and-control communication. Later in the intrusion, APT41 leveraged DUSTTRAP, which would lead to hands-on keyboard activity. APT41 used publicly available tools SQLULDR2 for copying data from databases and PINEGROVE to exfiltrate data to Microsoft OneDrive
Major London hospitals disrupted by Synnovis ransomware attack
A ransomware attack affecting pathology and diagnostic services provider Synnovis has impacted healthcare services at multiple major NHS hospitals in London.
Ransomware attack hits major London hospitals
Pathology lab provider targeted, affecting blood transfusions and surgeries
Schools hit by cyber attack and documents leaked
Confidential details including child passport scans and SEN data is published online, the BBC finds.
NHS IT supplier held to ransom by hackers
Its IT provider says it may take three or four weeks to fully recover from the cyber-attack.