Analysis & Commentary
-
19 MAY 2026
FCA, Bank of England and Treasury Issue Joint Warning on Frontier AI Cyber Risk | GET-IT Cyber DivisionThe FCA, Bank of England, and Treasury have jointly warned regulated firms that frontier AI is amplifying cyber threats at speed and scale. UK audit data published in March showed the gap they're now pointing at.
-
15 MAY 2026
The Compliance Tailwind: King's Speech & the UK Cyber Resilience Bill | GET-ITThe Cyber Security and Resilience Bill gives CISOs their clearest board argument in years. GET-IT's audit of 2,011 UK domains shows the exposure reality.
Active UK Advisories
The AI shift in cyber risk: why leaders must act now
Read NCSC Advisory →The 'vibe coding spectrum' approach to AI-assisted software development
Read NCSC Advisory →Alert: NCSC issues advice following global targeting of Fortinet firewalls and VPN gateways
Read NCSC Advisory →NCSC CEO: Hostile states linked to three-quarters of cyber attacks affecting UK's critical systems
Read NCSC Advisory →Software supply chain attacks: check your dependencies
Read NCSC Advisory →Designing secure access with ZTNA
Read NCSC Advisory →Known Exploited Vulnerabilities — Active in the Wild
Lantronix EDS5000 Vulnerability
Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are executed with root privileges.
View CISA Advisory → CVE-2026-34910 — Ubiquiti | UniFi OSUbiquiti UniFi OS Vulnerability
Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to the network to conduct command injection.
View CISA Advisory → CVE-2026-34909 — Ubiquiti | UniFi OSUbiquiti UniFi OS Vulnerability
Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the network to access files on the underlying system that could be manipulated to access an underlying account.
View CISA Advisory → CVE-2026-34908 — Ubiquiti | UniFi OSUbiquiti UniFi OS Vulnerability
Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to the network to make unauthorized changes to the system.
View CISA Advisory → CVE-2026-20253 — Splunk | EnterpriseSplunk Enterprise Vulnerability
Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create or truncate arbitrary files through a PostgreSQL sidecar service endpoint.
View CISA Advisory → CVE-2026-48907 — Widget Factory | Joomla Content EditorWidget Factory Joomla Content Editor Vulnerability
Widget Factory Joomla Content Editor contains an improper access control vulnerability which could allow for upload and execution of PHP code via the creation of new editor profiles for unauthenticated users.
View CISA Advisory →Financial Fraud Warnings & Action Fraud Alerts
FCA secures confiscation order against Ponzi scheme fraudster
The FCA has secured a confiscation order of £452,286.80 against convicted fraudster Daniel Pugh. Mr Pugh, 36, is serving a 7 years and 6 months prison sentence for defrauding investors out of £1.3m.Run from his bedroom...
Read FCA Warning →Consumers warned about misleading car finance 'money tips' claims ads
Consumers are being warned to be wary of misleading car finance 'money tips' adverts issued by claims management companies (CMCs) and law firms on social media. As part of the joint regulatory taskforce, the FCA has ide...
Read FCA Warning →ICO Enforcement Notices & Data Protection Penalties
ICO Enforcement Notices & Monetary Penalties
The ICO regularly issues fines and enforcement notices for data protection breaches under UK GDPR. View the full register of actions below.
View ICO Enforcement Register →Is Your Business Exposed?
Many of these vulnerabilities affect software used by UK SMEs every day. A GET-IT threat intelligence scan will tell you exactly where your perimeter stands.
Book a Resilience Scan →Intelligence sourced from NCSC UK, the CISA Known Exploited Vulnerabilities Catalog, the FCA ScamSmart programme, and the ICO Enforcement register. This page is updated automatically every 12 hours. For the most current advisories visit the source links directly. GET-IT Cyber Division curates this content for UK SME relevance but is not responsible for the accuracy of third-party source data.