Breaches, ransomware and regulation — analysed the day they break, with the practical lessons your team can act on. Free to read, no account required.

CVE-2024-21182 earned a CVSS 7.3 score and a July 2024 Oracle patch. Neither was enough to stop threat actors from finding the organizations that never bothered.

A critical unauthenticated privilege-escalation flaw in the WP Maps Pro plugin lets anyone register a full administrator account — no login, no phishing, no waiting. Active exploitation is already underway.

A sophisticated campaign named Miasma has weaponized npm packages tied to the Red Hat ecosystem, silently harvesting developer credentials and burrowing into CI/CD pipelines the moment a compromised package lands on disk.

An unknown actor targeted the 2FA layer on personal-plan accounts on May 31, 2026. The vaults left the server encrypted. Whether they stay that way depends entirely on how strong each user's master password is.
Phishing remains the number one attack vector for cyber criminals. Learn the telltale signs of a phishing email and how to protect yourself and your organisation from these increasingly sophisticated attacks.
Compromised credentials are implicated in the majority of hacking-related breaches. Discover best practices for creating and managing strong passwords, implementing MFA, and using password managers across your organisation.
Attackers don't just hack computers — they hack people. Understand the psychology behind social engineering attacks and how to train your team to recognise manipulation tactics.
Ensure your organisation meets GDPR requirements with our comprehensive training checklist. From data handling procedures to breach notification protocols, cover all the essentials.
When a security incident occurs, every minute counts. This guide walks through the critical first 24 hours of incident response, from detection to containment and communication.
With hybrid work becoming the norm, securing remote environments is essential. Learn about VPN best practices, secure home networks, and protecting sensitive data outside the office.
Sign up and start training your team in minutes. No sales calls, no demos — just pick a plan and go. Phishing simulations, video courses, and certificates from day one.
