Features • Assured

Features 22.05.2026

AI Autopsy: Axios Campaign Charts an Evolution in Social Engineering

For CISOs, there are two points of concern. The use of new social engineering tactics and the continued challenges presented by Trojanised open source packages

Features 12.05.2026

AI Autopsy: Vercel Breach Shows SaaS Integrations Are the New Attack Path

How one supply chain incident snowballed into a full-blown customer data breach

Features 06.05.2026

AI Autopsy: A Systemic Flaw in MCP Puts the Agentic AI Supply Chain at Risk

What happens when a ‘systemic’ flaw appears in a protocol, and its designer refuses to patch it?

Features 28.04.2026

AI Autopsy: APT28’s SOHO Router Campaign Exposes the Hybrid-Work Blind Spot

The bad news: your employee’s 10-year-old home router is part of your network infrastructure

Features 21.04.2026

AI Autopsy: The LiteLLM Backdoor Shows Why AI Gateways Are Prime Supply-Chain Targets

Ian Williams explores how a poisoned PyPI package turned an AI proxy into a shortcut to cloud, code and runtime environments

Features 14.04.2026

AI Autopsy: Two iOS Kits Herald a New Era of Mass Exploitation

The era of permissive BYOD policies may be coming to an end

Features 07.04.2026

AI Autopsy: Interlock zero-day campaign exposes firewall management as Tier-0 risk

What happens when threat actors hijack critical security controls?

Features 24.03.2026

AI Autopsy: What Stryker’s Wiper Attack Says About Geopolitical Risk in 2026

A large-scale wiper attack on Stryker highlights how identity compromise and geopolitical tensions are reshaping cyber risk for critical supply chains.

Features 24.03.2026

AI Autopsy: Ivanti Zero-Day Breaches Put MDM Platforms in the Crosshairs

CISOs must start treating their mobile device management tools as critical control planes

Features 18.03.2026

AI Autopsy: Vibe Coding Fuels Global FortiGate Compromises

Why CISOs must ruthlessly enforce the fundamentals

Features 03.03.2026

AI Autopsy: France Travail’s 37 Million Reasons to Improve Security Posture

France Travail’s failings are a reminder that identifying risk is not the same as managing it

Features 02.03.2026

Dial C for Cyber: Why Benelux Telcos Are Under Attack

What telco CISOs need to do to avoid becoming the next Odido

Features 24.02.2026

AI Autopsy: ShinyHunters Go on a Vishing-Fuelled SSO Rampage

How CISOs can tackle sophisticated, real-time MFA bypass

Features 18.02.2026

Security and Continuity: How a Minimum Viable Company Posture Can Help CISOs

For a growing number of organisations, the concept of a minimum viable company (MVC) has become essential following the large high-profile cyber attacks of late

Features 11.02.2026

AI Autopsy: ChainLeak Creates a New Attack Surface Out of Traditional Flaws

Why AI frameworks are a new front in the battle against cyber risk

Features 28.01.2026

AI Autopsy: How Free’s Data Breach Became a €42m Regulatory Reckoning

How a series of avoidable weaknesses cost the French telco dear

Features 22.01.2026

AI Autopsy: A Data Breach Down Under at Insurer Prosura

On January 3, insurance specialist Prosura identified unauthorised access to “a portion of our internal IT systems” by an unknown third party

Features 20.01.2026

AI Autopsy: Coupang Tackles a Malicious Insider

How did a former employee go undetected for five months?

Features 15.01.2026

AI Autopsy: Why the ICO fined LastPass £1.2m

A tale of poor incident response, sub-par encryption and an imperfect BYOD policy

Features 13.01.2026

Unpacking Prompt Injection: The AI Vulnerability You Can’t Patch Away

The NCSC has warned of a “dangerous misunderstanding” about these GenAI threats.

Features 05.01.2026

The Year Ahead: What 2026 Has in Store for CISOs and Cyber Insurance

We lay out five trends that we expect to move and shake the cyber insurance landscape in 2026

Features 26.12.2025

A Year in Cyber Insurance: The Trends That Defined 2025

Assured has been watching the cyber insurance market closely over the past 12 months to understand what might happen next

Features 18.12.2025

AI Autopsy: React2Shell Scores a Perfect 10

The ghost of Christmas past, Log4Shell, looms over a critical new vulnerability

Features 16.12.2025

AI Autopsy: Asahi Beer Runs Dry After Ransomware Breach

As details of Asahi’s ransomware incident poured out, how can CISOs turn these findings into actionable learnings?

Features 12.12.2025

AI Autopsy: How Shai-Hulud 2 Is Rewriting the Rules of Supply Chain Security

A devastating worm is ripping through npm like the sands of Arrakis.

Features 02.12.2025

Is Agentic AI Set to Transform SecOps?

Autonomous SOCs could soon become standard industry practice

Features 27.11.2025

AI Autopsy: A New npm Campaign Spells Trouble for the Software Supply Chain

The ‘IndonesianFood’ campaign has already flooded npm with over 150,000 spammy packages across multiple accounts

Features 25.11.2025

AI Autopsy: How Significant Is Google’s AI-Enabled Malware Discovery?

Have we reached a tipping point in dynamic malware generation and obfuscation?

Features 13.11.2025

AI Autopsy: Ransomware Attack on Clinical Diagnostics NMDL Exposes Cancer Screen Patients’ Data

The ransomware attack on Clinical Diagnostics NMDL once again highlights the importance of supply chain security

Features 06.11.2025

AI Autopsy: Why the F5 Breach Has Put the Internet on High Alert

Could this be the most significant security vendor incident since SolarWinds?

Features 05.11.2025

How ‘Vibe-Coded’ Copycat Attacks Could Muddy the Cyber Waters

What happens when threat actors feed security blogs into AI?

Features 30.10.2025

AI Autopsy: Cl0p Is Back with a Zero-Day Exploit Targeting Oracle EBS

Victims from this data extortion campaign had yet to appear en masse on the Cl0p leak site, but repercussions could still be significant

Features 24.10.2025

AI Autopsy: Capita’s 2023 Breach Laid Bare by the ICO

A £14m regulatory fine is just the tip of the iceberg.

Features 17.10.2025

AI Autopsy: A New GoAnywhere Campaign Delivers Medusa Ransomware

It’s 2023 all over again as Fortra’s file transfer software is targeted.

Features 09.10.2025

AI Autopsy: Shining a Light on the Brickstorm Backdoor

A stealthy, persistent cyber-espionage campaign has gone undetected for over a year

Features 07.10.2025

Why Irresponsible Users Put Open Source Security on Shaky Ground

Some of the world’s richest companies are taking advantage of free software. That’s bad news for open source security.

Features 02.10.2025

AI Autopsy: How a Supply Chain Attack Hobbled Some of Europe’s Busiest Airports

Heathrow and other European airports ground to a halt after a cyber attack on Collins Aerospace’s Muse system. It’s time for an autopsy.

Features 30.09.2025

Gone Vishing: How to Tackle a Rise in Helpdesk Attacks

Scattered Spider is raising the stakes for IT and security teams

Features 23.09.2025

How Scared Should CISOs Be of Salt Typhoon?

The Chinese APT group is on the hunt for high-value targets.

Features 18.09.2025

What’s the Best Approach to Lower Your Cyber Insurance Premiums?

We examine the advantages and limitations of using cyber insurance requirements to guide security strategy.

Features 09.09.2025

A New Era of Ransomware: Data Leaks, Physical Threats and Wiped Backups

Ransomware groups are changing their tactics as more victims refuse to pay.

Features 02.09.2025

How CISOs Can Stay on the Right Side of a Yawning AI Divide

The next stage of malicious AI use is upon us. CISOs should take note.

Features 26.08.2025

What the Salesforce Campaign Tells CISOs About SaaS Risk

ShinyHunters has been on a tear, targeting Salesforce customers’ databases

Features 19.08.2025

Shadow AI is Driving Data Breaches: Here’s How to Illuminate It

Some useful insights from IBM’s Cost of a Data Breach report

Features 12.08.2025

Iran: What’s the Real Threat to CISOs?

Iran’s cyber capabilities are a growing concern, but should corporate security leaders be concerned?

Features 05.08.2025

The Rise and Risk of the Fake Employee: How CISOs Respond

North Korean IT workers are laying down virtual roots in the West.

Features 29.07.2025

Inside the MoD’s New Cyber Command: Why the Government Initiative Needs to be on CISOs’ Radars

The MoD’s Cyber Command will give the UK a decisive defensive advantage. But what does it mean for the private sector?

Features 22.07.2025

How Infostealers Come For Your Business Data

Responsible for three quarters of last year’s credential thefts, infostealers are not to be underestimated

Features 15.07.2025

Cyber Insurance: Government Stats Versus Real Facts

According to the UK government’s annual report, cyber insurance take-up has stalled. If that’s the case, who and what’s to blame?

Features 08.07.2025

Managing the Threat from the Other Kind of ‘Dual-Use’ Technology

Understanding how adversaries can abuse legitimate tools and infrastructure is an increasingly important part of the CISO’s role.

Features 01.07.2025

AI Autopsy: Adidas Cyber Attack

The latest Adidas incident comes amid a wave of numerous high-profile breaches in the retail sector. Assured Intelligence gives the incident the AI autopsy treatment

Features 24.06.2025

Preparing For Q-day: The Cat and Mouse Race to Break Encryption

Quantum computing promises to change the fundamentals of computation in ways we haven’t seen since the introduction of the ENIAC

Features 17.06.2025

A New Wave of Cyber Criminal: Dissecting “The Com” and Other Homegrown Groups

M&S, MGM Resorts, and Santander are among ‘The Com’s’ growing list of victims

Features 13.06.2025

Beware the Tariff Man: How a US Trade War Could Impact Cybersecurity

How will the cybersecurity industry be affected by the volatile US tariff situation?

General 05.06.2025

AI Autopsy: Five Lessons From The M&S Ransomware Attack

A month after the ransomware cyber assault, M&S is yet to get services back up and running. Kate O’Flaherty gives the crisis the AI autopsy treatment

Features 03.06.2025

Cybersecurity in the Aviation Sector Is Taking Off: Here’s Why

An industry where safety and security are non-negotiable

Features 27.05.2025

Cybercrime Losses Are Soaring: Here Are Three Takeaways for Security Leaders

Threat actors have made over $50bn since 2020

Features 20.05.2025

How the CVE Nearly Died, and What Happens Next

The US government can no longer be trusted on cybersecurity

Features 13.05.2025

AI Autopsy: Advanced Data Breach

A 2022 supply chain ransomware attack that crippled key NHS services

Features 06.05.2025

Five CISO Takeaways from Verizon’s DBIR

Actionable advice from security leaders, for security leaders

Features 02.05.2025

UK Retailers Are Under Attack: Here’s What You Need to Know

What CISOs can learn from ongoing incidents at M&S, the Co-op and Harrods

Features 29.04.2025

Uncovering the Hidden Pillars Supporting the UK’s Digital Supply Chain

What you can’t see could hurt your organisation

Features 22.04.2025

Why Are Firms Failing with NIS2 Compliance?

A new ENISA report lays bare the challenges of aligning with the directive

Features 15.04.2025

Medusa Ransomware: What CISOs Need to Know

Inside the ransomware variant that has US officials nervous

Features 08.04.2025

Could Content Credentials Be the Answer to the Deepfake Threat?

Momentum is building behind an initiative to enhance digital content transparency

Features 01.04.2025

Beyond the Blackphone: Mobile Security in 2025

How can enterprises protect themselves in an increasingly connected world?

Features 27.03.2025

What CISOs Should Fear From a US-Russia Détente

Donald Trump’s attempts at diplomacy could embolden Russian state hackers.

Features 25.03.2025

There Will Be Bugs: How the NCSC Is Trying to Eradicate an Entire Class of Vulnerabilities

Some software flaws are simply unforgivable

Features 18.03.2025

A Cyber-Richter Scale: How a New UK Cyber Monitoring Centre Could Help CISOs

Can consistency in cyber-event categorisation help build resilience?

Features 11.03.2025

Apple Pulls End-to-End Encryption in iCloud: What Does It Mean for CISOs?

Apple has set a dangerous precedent, warn experts

Features 04.03.2025

Is It Time to Worry About GenAI? How to Keep Your Business Safe

GenAI offers risk as well as opportunity for organisations

Features 27.02.2025

Is the ICO’s Public Sector Approach Really Working?

Is the carrot mightier than the stick in data protection regulation?

Features 25.02.2025

How to Usher in AI Growth Without the Cyber Pain

The government’s new AI plan does little to address potential risks

Features 18.02.2025

Words Matter: Why Interpol Wants to Stop Victim Shaming

The policing group recently called for a change to the term “pig butchering”

Features 11.02.2025

Six Reasons Why the Government’s Ransom Payment Ban Won’t Work

They have been proposed before, but experts are sceptical.

Features 04.02.2025

What’s Wrong with the Government’s Security Posture and How Do We Fix It?

A new NAO report reveals just how poor government cyber resilience is

Features 30.01.2025

The Top Software Weaknesses of 2024, and What to Do About Them

MITRE has published its Top 25 Most Dangerous Software Weaknesses report

Features 28.01.2025

Windows 10 Is Nearing End of Life, So What Should CISOs Do?

With less than a year to upgrade, the clock is ticking for organisations

Features 21.01.2025

What’s Wrong with Open Source, and How to Fix It

Open source software is under-resourced and under attack. This is a problem for everyone.

Features 14.01.2025

Apple Intelligence Is Here: Should CISOs Be Concerned?

Businesses will soon be brimming with the tool. That could be a challenge.

Features 07.01.2025

The Truth About Deepfakes, and How to Tackle Them

Cheap, convincing and ubiquitous – how do we stop AI-powered fakes?

Features 23.12.2024

Malvertising 101: How Brands Can Prevent Malicious Ads Destroying Their Reputation

The National Cyber Security Centre (NCSC) recently published its first malvertising guidance document for brands.

Features 19.12.2024

AI Autopsy: Microlise and Supply Chain Dominoes

In late October 2024, telematics provider Microlise was hit by an alleged ransom attack that impacted multiple companies reliant on its solution.

Features 17.12.2024

Five Incidents that Shaped the Cybersecurity Landscape in 2024

Assured Intelligence has compiled a breakdown of the top events that helped define the security landscape in 2024

Features 03.12.2024

Quantum Computing Breaks Encryption: How Worried Should CISOs Be?

How close are we to the end of encryption as we know it?

Features 26.11.2024

AI Autopsy: UnitedHealth Ransomware: An Entirely Preventable Attack

How well did UnitedHealth handle the breach, and what can others learn from it?

Features 21.11.2024

Are Backups Beyond Data Enough to Secure Ransomware Resilience?

In an era of increasing ransomware, backups aren’t enough. Are new capabilities to restore your entire tech infrastructure the answer?

Features 12.11.2024

ISC2 Workforce Gap Metric Infuriates Cybersecurity Pros as Jobs Prove Hard to Find

With many skilled cybersecurity professionals scrabbling around for work, it’s no wonder ISC2’s wild workforce gap claim is jarring to many. Assured Intelligence wades through the controversy

Features 05.11.2024

Shifting the Blame: Should Breached Companies Play Up Their Victimhood?

Can reputation damage after a breach be mitigated with smarter crisis comms?

Features 31.10.2024

Trouble Squared: What Happens When Nation States and Cyber Criminals Work Together?

Reports claim that the majority of attributable malware-based attacks are now state-sponsored. What does this mean for CISOs?

Features 22.10.2024

AI Autopsy: American Water Cyber Attack

On October 3 2024, American Water, the largest water company in the US, discovered it had been hit by a cyber attack

Features 15.10.2024

Follow the Honey: How Cyber-Deception Can Help CISOs

The NCSC is building “a nation-scale evidence base” for cyber-deception

Features 08.10.2024

Critical Infrastructure Under Cyber Siege

60% of UK CNI organisations have experienced ransomware over the previous year

Features 03.10.2024

Game Over? Cybersecurity Threats Surge in Online Gaming

Are your employees gamers? And if so, what does that mean for your security posture?

Features 26.09.2024

AI Autopsy: The Long Road to Recovery for the British Library

The British Library has shared a detailed report of the 2023 cyber incident and its aftermath. Assured Intelligence picks out the highlights for our autopsy report