Cyber Insider
-
Flowise RCE shows AI builder risk
A critical Flowise vulnerability shows how self-hosted AI builder tools can become infrastructure exposure through connectors, credentials, workflow imports, and server-side execution.
-
Microsoft outage exposes identity dependency
Microsoft’s MFA setup and My Sign-Ins incident exposed the operational dependency now carried by cloud identity platforms, enrolment workflows, and access recovery.
-
Red Hat packages hit npm supply chain
A reported Red Hat npm package compromise puts trusted namespaces, CI/CD publishing, cloud credentials, and developer secrets under fresh software supply-chain scrutiny.
-
AUKUS moves undersea resilience into capability
AUKUS partners plan uncrewed undersea systems from 2027, placing cable, pipeline, telecoms, energy, and cloud dependency inside the UK’s cyber-physical resilience agenda.
-
European agencies warn on Russian technology targeting
European intelligence warnings link Russian technology targeting to sanctions pressure, cyber espionage, defence suppliers, dual-use research, and critical infrastructure exposure.
-
France keeps Exchange alert active
France has kept its Exchange Server warning active, keeping exposed mail infrastructure, emergency mitigations, and compromise detection inside the current European risk cycle.
-
France flags enterprise patch pressure
France’s cyber agency has flagged another heavy enterprise patch week, with infrastructure, identity, cloud, application, and security platforms all competing for risk-based remediation.
-
Belgium warns Netlogon flaw is exploited
Belgium says a critical Netlogon flaw is now being exploited, putting domain-controller patching, compromise detection, and Active Directory recovery at the centre of enterprise identity risk.
-
MPs press FCA over Palantir data risk
The FCA says its Palantir trial uses encrypted data under regulator control, but MPs and campaigners want clearer answers on US legal exposure, procurement dependency, and public-sector AI governance.
-
Who governs machine-speed cyber defence?
GCHQ’s AI defence case raises hard questions about how autonomy, oversight, private-sector data, procurement, and accountability will be governed in machine-speed cyber response.