Cybercriminals are increasingly abusing internal OAuth-based applications to gain long-term access to enterprise cloud environments, according to new research from Proofpoint. These malicious applications can remain undetected for extended periods, allowing attackers to retain access to high-privileged accounts even after password resets or multi-factor authentication (MFA) enforcement. Because OAuth tokens authorize access without requiring credentials, they offer a covert way for attackers to persist inside compromised systems.

A large-scale disruption at Amazon Web Services (AWS) earlier this week caused major outages across websites and apps worldwide, affecting users from the Americas to Europe and Asia. The company later confirmed that the issue has been mitigated, with most services restored by Monday afternoon.

A significant Amazon Web Services (AWS) outage on October 20, 2025, disrupted numerous online platforms worldwide, highlighting the internet's reliance on centralized cloud infrastructure.

The Bank of England (BoE) has announced plans to make artificial intelligence (AI), distributed ledger technology (DLT), and quantum computing the cornerstone of its technology strategy. In a newly released report, the central bank outlined how it intends to leverage these “cross-cutting technologies” to achieve transformative outcomes across the UK’s financial system and wider economy. The strategy emphasizes not only the Bank’s own adoption of these tools but also its broader role in encouraging responsible innovation throughout the financial services sector.

To understand the impact of increasing global regulatory fragmentation, the International Regulatory Strategy Group (IRSG)* has developed a ‘Global Regulatory Coherence Dashboard’ to map the extent of global alignment or divergence in financial regulations across key policy areas affecting UK-based financial and related professional services.

Cybersecurity researchers at ReliaQuest have uncovered a year-long cyber espionage campaign attributed to Flax Typhoon—a Chinese state-sponsored hacking group also known as Ethereal Panda and RedJuliett.

A massive data exposure linked to the invoicing and billing platform Invoicely left nearly 180,000 private files accessible online without password protection or encryption.