Threat actors stories

AI will transform cyber threats by 2026, experts say, but warn over-automation and legacy systems could imperil critical infrastructure.

AI-native cyber attacks and synthetic IDs are forcing firms to shift from periodic checks to continuous, AI-driven security testing by 2026.

Fake torrents of Leonardo DiCaprio film One Battle After Another are spreading Agent Tesla malware that hijacks Windows PCs, experts warn.

CrowdStrike’s Falcon platform scores 100% detection and protection with no false positives in MITRE’s toughest cross-domain ATT&CK tests yet.

GhostFrame phishing kit has fuelled over 1m iframe-powered attacks since September, using hidden pages and anti-inspection tricks to evade defences.

AI agents are tipped to sweep through enterprises, shops and security by 2026, automating work, reshaping retail and redefining digital trust.

AI-powered attackers and defenders will clash in 2026, driving autonomous breaches, VPN failures and stricter rules that reshape cyber security.

Microsoft fixes a Windows zero-day used in attacks and Office flaws that can execute code when emails are merely received or previewed.

Ransomware attacks cost Australian organisations AUD $42 billion annually, urging a shift from prevention to pragmatic cyber resilience amid rising threats.

SonicWall confirmed state actors accessed backup cloud files via an API, prompting swift investigation and enhanced security for partners and customers.

Cybersecurity dashboards reveal hidden system risks, providing real-time data to prioritise and rapidly fix vulnerabilities in today’s complex digital environments.

AI-driven cyber attacks are escalating rapidly, outpacing traditional defences and forcing security teams to adopt advanced AI tools to keep pace.

Rapid AI adoption in APJ exposes firms to hidden risks like shadow AI, API vulnerabilities, and leaked credentials, demanding better governance and security.

Iran-linked cyber spies have combined tactics from multiple hacking groups in a new phishing campaign targeting US experts on Iranian politics and the IRGC.

Curly COMrades exploit Microsoft Hyper-V to run hidden malware inside lightweight VMs, evading detection and maintaining stealthy control over targets.

Ransom payments fell to a historic low of 23% in Q3 2025 as cyber extortion tactics shift towards targeted, costlier attacks on larger firms.

Despite 94% public sector confidence in handling supply chain cyberattacks, nearly half faced breaches last year, revealing a troubling gap in resilience.

Automation and AI slash ransomware attack times to 18 minutes, challenging defenders to match speed with automated defences, says ReliaQuest report.

Ransomware has evolved into a profit-centric business, driving cybercrime costs to USD $10.5 trillion and reshaping global cybersecurity risks and responses.

Expel has launched Expel Intel, a new team providing actionable cyber threat insights based on real-world incidents to help security teams improve defences.