UK National Cyber Security Centre.
- Software supply chain attacks: check your dependencies
on June 4, 2026 at 12:00 pmAttackers are compromising open-source packages to spread malware. Cyber defenders are asked to review dependencies to reduce risks
- Designing secure access with ZTNAon May 27, 2026 at 12:00 pm
New guidance explains how to design Zero Trust Network Access architectures aligned with zero trust principles and not built on old trust assumptions.
- Thinking carefully before adopting agentic AIon May 15, 2026 at 12:00 pm
When it comes to using agentic AI, make sure you can walk before you run.
- 10 questions to ask when using AI models to find vulnerabilitieson May 11, 2026 at 12:00 pm
Using Artificial Intelligence to find vulnerabilities can bring added security considerations.
- Preparing for a ‘vulnerability patch wave’on May 1, 2026 at 12:00 pm
Organisations must act now to prepare for a wave of patches that will address decades of technical debt.
- Could your choice of metrics be harming your SOC?on April 27, 2026 at 12:00 pm
Poor metrics can render a well-intentioned security operation centre entirely ineffective.
- International cyber agencies share fresh advice to defend against China-linked covert networkson April 23, 2026 at 12:00 pm
New advisory highlights how to defend against attacker tactics believed to be used by China-linked actors to hide malicious cyber activity.
- NCSC: Leave passwords in the past – passkeys are the futureon April 23, 2026 at 12:00 pm
Passkeys are the more secure and user-friendly login method and should be the default authentication option for consumers.
- Passkeys are more secure than traditional ways to log inon April 23, 2026 at 12:00 pm
Passkeys offer a more usable, secure replacement for passwords and are already supported by most modern devices.
- Defending against China-nexus covert networks of compromised deviceson April 23, 2026 at 12:00 pm
Explaining the widespread shift in tactics, techniques and procedures (TTPs) towards networks of compromised infrastructure, and how to defend against it
- Executive Summary: Defending against China-nexus covert networks of compromised deviceson April 23, 2026 at 12:00 pm
Organisations should map and baseline their edge device traffic, especially VPN and remote access connections, and adopt dynamic threat feed filtering that includes known covert network indicators.
- Supporting AI adoption for UK cyber defenceon April 23, 2026 at 12:00 pm
Adopting AI will require time, the development of new capabilities and careful oversight.
- World-first NCSC-engineered device secures vulnerable display linkson April 22, 2026 at 12:00 pm
SilentGlass, a plug-and-play device, actively blocks any unexpected or malicious HDMI and Display Port connections.
- New cross domain guidance for government, industry and the wider security communityon April 21, 2026 at 12:00 pm
Ensuring cross domain technologies are better understood – and more easily deployed – across sectors.
- Cyber chief: UK faces “perfect storm” for cyber securityon April 21, 2026 at 12:00 pm
As the technology landscape develops, the definition of cyber security is expanding with it.
- Preparing for severe cyber threat: why leaders must act nowon April 20, 2026 at 12:00 pm
A call to action to collectively build UK resilience.
- Strengthening cyber resilience across the NHS with collaboration and innovationon April 17, 2026 at 12:00 pm
How the NCSC is reducing risk, improving detection, and helping to keep vital services running.
- Retaining defensive advantage in the age of frontier AI cyber capabilitieson April 15, 2026 at 12:00 pm
As AI accelerates vulnerability discovery, organisations must raise their security baselines to safeguard their cyber security.
- APT28 exploit routers to enable DNS hijacking operationson April 7, 2026 at 12:00 pm
Russian cyber actor APT28 exploit vulnerable routers to hijack DNS, enabling adversary‑in‑the‑middle attacks and theft of passwords and authentication tokens.
- UK exposes Russian military intelligence hijacking vulnerable routers for cyber attackson April 7, 2026 at 12:00 pm
New advisory warns cyber threat group APT28 have exploited vulnerable edge devices to support malicious operations.
