Policy
-
Poland detains three Ukrainian nationals over alleged use of advanced hacking equipment
Polish police arrested three Ukrainian nationals, aged 39–43, accusing them of attempting to damage IT systems and obtaining data important to national defence; officers seized hacking equipment including a Flipper device, multiple SIM cards and other electronics, and have detained the men for three months pending trial.
-
UK’s NCSC pilots Proactive Notifications to warn organisations of exposed devices
The UK’s National Cyber Security Centre has begun piloting Proactive Notifications, a Netcraft-delivered service that scans public internet data to warn organisations about exposed devices and recommend updates; it complements the NCSC’s Early Warning alerts but is not a replacement and has no announced end to the pilot phase.
-
U.S. to release six-part national cybersecurity strategy in January, sources say
Sources say the Trump administration plans to release a five-page, six-pillar national cybersecurity strategy in January, emphasizing deterrence, workforce, procurement, infrastructure and emerging technologies; an executive order and exact timing remain unconfirmed.
-
India orders messaging apps to require active SIM and periodic web re‑authentication
India’s telecom regulator has ordered messaging apps to bind accounts to an active SIM and force six‑hour web session logouts, citing risks from long‑lived sessions and cross‑border fraud; providers have 90 days to comply.
-
Authorities shut down cryptocurrency mixer Cryptomixer, seize nearly $28 million in Bitcoin
European authorities shut down the cryptocurrency mixer Cryptomixer and seized nearly $28 million in Bitcoin, servers and data in an operation Europol said was part of a wider effort to disrupt money laundering tied to ransomware, fraud and other crimes.
-
Microsoft to block unauthorized scripts on Entra ID sign-ins with CSP update
Microsoft will change the Content Security Policy for browser-based Entra ID sign-ins at login.microsoftonline.com to block unauthorized scripts and allow only trusted Microsoft domains, with a global rollout beginning mid-to-late October 2026; organisations are asked to test sign-in flows and avoid tools that inject code.
-
Major US banks review exposure after SitusAMC data breach
SitusAMC, a mortgage services vendor, said attackers accessed its systems in a breach discovered Nov. 12 and confirmed Nov. 22; major banks including JPMorgan, Citi and Morgan Stanley are reviewing potential customer data exposure while the FBI and the company continue an investigation.
-
SEC asks court to dismiss lawsuit against SolarWinds and its CISO
The SEC moved to voluntarily dismiss its enforcement action against SolarWinds and CISO Timothy G. Brown on Nov. 20, 2025. The agency had accused the company of overstating cybersecurity practices and failing to disclose risks related to the 2020 supply‑chain compromise, but many allegations were previously dismissed by a federal court.
-
MI5 warns Chinese agents using social media and fake recruiters to target UK parliament and officials
MI5 has issued an espionage alert warning that Chinese intelligence officers are using social media and fake recruiters to cultivate people with access to sensitive UK information, Security Minister Dan Jarvis told parliament, and the government has removed Chinese-made surveillance equipment from sensitive sites.
-
CISA orders federal agencies to remediate two exploited Cisco firewall flaws
CISA ordered U.S. federal agencies to remediate two actively exploited Cisco ASA and Firepower vulnerabilities (CVE-2025-20333, CVE-2025-20362), warned that some devices reported as patched remain vulnerable, and added three flaws to its KEV catalog with a December 3, 2025 remediation deadline.
