NCSC
-
Dutch authorities take down botnet tied to 17 million infected devices
Dutch authorities have taken offline a botnet of at least 17 million infected devices and seized more than 200 servers in the Netherlands, according to a joint disclosure from the National Cyber Security Centre and police.
-
Dutch finance ministry takes treasury banking portal offline after breach
The Dutch Ministry of Finance has taken its treasury banking portal offline while investigating a cyberattack detected on March 19. About 1,600 public institutions are unable to view balances online, though payments continue through regular banking channels.
-
NCSC alert warns pro-Russian DDoS groups targeting UK local government and operational technology
On January 21, 2026 the UK’s National Cyber Security Centre issued an alert warning that pro-Russian DDoS attacks are targeting British organisations, especially local government and operational technology, and advised steps to harden defences.
-
UK’s NCSC pilots Proactive Notifications to warn organisations of exposed devices
The UK’s National Cyber Security Centre has begun piloting Proactive Notifications, a Netcraft-delivered service that scans public internet data to warn organisations about exposed devices and recommend updates; it complements the NCSC’s Early Warning alerts but is not a replacement and has no announced end to the pilot phase.
-
Kensington and Chelsea says data was copied during London councils IT outage
Kensington and Chelsea Council said evidence shows some data was copied and removed during a recent cyber incident affecting a shared IT environment used by three London councils. The authority has not specified what was taken, who is affected or how long attackers had access, and investigations by the NCSC and the Metropolitan Police are…
-
Microsoft issues out-of-band fix for WSUS vulnerability CVE-2025-59287
Microsoft released an out-of-band cumulative update to address CVE-2025-59287, a critical WSUS deserialization vulnerability being exploited in the wild; admins should apply the patch or disable WSUS/block ports 8530 and 8531 until systems can be rebooted after updating.
-
Dutch Public Prosecution Service Begins Phased Relaunch After Cyberattack Delays Speed-Camera Network
Dutch prosecutors have begun a phased relaunch after a July cyberattack tied to Citrix vulnerabilities, with dozens of speed cameras still offline. The outage follows the first step in restoring services, including email access, as authorities coordinate with the judiciary and victim-support organizations amid ongoing concerns about system-wide interconnections.
-
UK Launches New Software Security Code of Practice Amid Rising Cyber Threats
The UK has launched a voluntary Software Security Code of Practice aimed at enhancing the cybersecurity of software development amid rising threats. The initiative sets out 14 principles to guide vendors, emphasizing the importance of security throughout the software lifecycle. However, its voluntary nature raises concerns regarding the effectiveness of adherence and universal compliance.
-
UK National Cyber Security Centre Reports Surge in Significant Cyber Incidents
The NCSC reports a significant increase in cyber incidents, with over 200 nationally significant cases reported from September 2024 to May 2025. The rise in attacks has raised concerns about national security and the need for stronger policies against ransomware payments.
-
UK Legal Aid Agency Investigates Potential Cybersecurity Breach
The Legal Aid Agency in the UK is investigating a cybersecurity incident that may have compromised the financial information of legal aid providers, amid a wave of attacks on major retailers in the country.
