Penetration testing stories

Over 80,000 Microsoft Entra ID accounts have been targeted in the UNK_SneakyStrike takeover campaign exploiting the TeamFiltration penetration testing tool.

LevelBlue will acquire Aon's Cybersecurity and IP consulting teams, including Stroz Friedberg, adding 300 experts and boosting global cyber defence services.

Audrey Adeline of SquareX warns the browser, where 80% of device time is spent, is the new cybersecurity battleground in an evolving threat landscape.

Cobalt updates its Offensive Security Platform to streamline pentesting with faster launches, real-time collaboration, clearer risk prioritisation, and workflow automation.

Retailers face a surge in cyber-attacks as weak defences and lapses in multi-factor authentication make them prime targets for criminals seeking valuable data.

Outpost24 is named the only European Overall Leader in the 2025 KuppingerCole report, advancing from Challenger to lead in Attack Surface Management.

Ekco has acquired Manchester cyber security firm Predatech, expanding its pen testing services and opening its first northern England office in the UK.

Picus Security launches Exposure Validation, a tool using real-time attack simulations to identify which vulnerabilities are truly exploitable in organisations.

The Legal Aid Agency has suffered a major cyber-attack, exposing personal data of over two million individuals dating back to 2010 in England and Wales.

Ransomware attacks in Australia surged in 2023–24, costing businesses up to AUD $97,200 on average, urging firms to bolster cyber defences and response plans.

Kaspersky Endpoint Security has achieved 100% tamper protection in AV-Comparatives' April 2025 test, proving its unrivalled resilience on Windows 11 systems.

Pangea's study reveals significant security risks in AI deployment, with one in ten prompt injection attacks bypassing basic defences in corporate systems.

The Australian Human Rights Commission has suffered a data breach after sensitive documents were exposed online due to a server misconfiguration, raising security concerns.

e2e-assure partners with Validato to offer businesses continuous cyber security validation, enhancing defence against evolving threats using MITRE ATT&CK framework.

CyXcel, part of Weightmans, has earned CREST accreditation for its Cyber Incident Response Services, affirming its high standards and expertise in cyber resilience.

Over 50% of enterprises now use software-driven penetration testing as their primary method to identify IT vulnerabilities, reveals Pentera survey.

Bugcrowd joins AWS ISV Accelerate Program, enhancing global reach and co-selling to offer crowdsourced security services via AWS sales teams worldwide.

Shannon Murphy of Trend Micro urges better cross-department collaboration and visibility to manage AI risks and secure generative AI in enterprises.

Marks & Spencer's recent cyber attack exposes vulnerabilities in the UK's food supply chain, prompting urgent calls for stronger cyber security measures.

Reversec has launched as an independent cybersecurity consultancy, focusing on offensive strategies to help organisations tackle evolving digital threats globally.