Quarterly

Threat Briefing

Quarterly deep-dive into emerging threat vectors, attacker techniques, and their compliance implications for regulated industries.

3 Editions Published

Threat Briefing Q2 2026 (April) — Legitimate Tools as Weapons, 20-Hour Exploitation Windows, and the European Ransomware Surge

Latest

Iran wiped 80,000 devices using only Microsoft Intune. Attackers exploited an AI platform vulnerability within 20 hours. A supply chain attack on a vulnerability scanner compromised the European Commission. And ransomware victims in Europe surged by triple digits. Our April threat briefing covers the four patterns defining 2026's threat landscape.

Apr 9, 202612 min read

Threat Briefing Q1 2026 (March) — SD-WAN Zero-Days, Nation-State Espionage at Scale, and the Industrialisation of Credential Theft

CVSS 10.0 zero-day exploited for three years. Nation-state actors hiding C2 inside Google Sheets. Credential theft running like a franchise. Our March threat briefing covers the Cisco SD-WAN emergency directive, GRIDTIDE and Dohdoor espionage campaigns, and the industrialised infostealer economy — with regulatory context for NIS2, DORA, and CRA.

Mar 5, 202610 min read

Threat Briefing Q1 2026 — AI-Augmented Attacks, Ransomware Multi-Extortion, and IoT Botnets

Our quarterly analysis of the evolving threat landscape. This edition examines how AI is reshaping offensive operations, the continuing evolution of ransomware business models, and why IoT botnets deserve renewed attention from European mid-market organisations.

Feb 18, 20269 min read