Analysis & Commentary
-
19 MAY 2026
FCA, Bank of England and Treasury Issue Joint Warning on Frontier AI Cyber Risk | GET-IT Cyber DivisionThe FCA, Bank of England, and Treasury have jointly warned regulated firms that frontier AI is amplifying cyber threats at speed and scale. UK audit data published in March showed the gap they're now pointing at.
-
15 MAY 2026
The Compliance Tailwind: King's Speech & the UK Cyber Resilience Bill | GET-ITThe Cyber Security and Resilience Bill gives CISOs their clearest board argument in years. GET-IT's audit of 2,011 UK domains shows the exposure reality.
Active UK Advisories
Thinking carefully before adopting agentic AI
Read NCSC Advisory →10 questions to ask when using AI models to find vulnerabilities
Read NCSC Advisory →Preparing for a ‘vulnerability patch wave’
Read NCSC Advisory →Could your choice of metrics be harming your SOC?
Read NCSC Advisory →Defending against China-nexus covert networks of compromised devices
Read NCSC Advisory →NCSC: Leave passwords in the past - passkeys are the future
Read NCSC Advisory →Known Exploited Vulnerabilities — Active in the Wild
Microsoft Microsoft Vulnerability
Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context.
View CISA Advisory → CVE-2026-20182 — Cisco | Catalyst SD-WANCisco Catalyst SD-WAN Vulnerability
Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.
View CISA Advisory → CVE-2026-42208 — BerriAI | LiteLLMBerriAI LiteLLM Vulnerability
BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorized access to the proxy and the credentials it manages.
View CISA Advisory → CVE-2026-6973 — Ivanti | Endpoint Manager Mobile (EPMM)Ivanti Endpoint Manager Mobile (EPMM) Vulnerability
Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.
View CISA Advisory → CVE-2026-0300 — Palo Alto Networks | PAN-OSPalo Alto Networks PAN-OS Vulnerability
Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.
View CISA Advisory → CVE-2026-31431 — Linux | KernelLinux Kernel Vulnerability
Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.
View CISA Advisory →Financial Fraud Warnings & Action Fraud Alerts
Is the claims management market working?
When consumers are wronged, many rightly seek fair compensation. Some complain directly, without paying a penny using free Ombudsman services. Others turn to claims management companies (CMCs) or law firms.They can provi...
Read FCA Warning →FCA, Bank of England and Treasury joint statement on frontier AI models and cyber resilience
Why frontier AI matters for firmsArtificial intelligence (AI) continues to evolve rapidly. Frontier AI models represent a step-change in capability, with significant implications for cyber security and operational resili...
Read FCA Warning →Working together against financial crime
Speech by Nikhil Rathi, FCA chief executive at the FCA's financial crime conference. A new threat landscapeFinancial crime is changing – fast.It’s more technologically enabled. More organised than ever before. And movin...
Read FCA Warning →Convicted money launderer sentenced to extra prison time
A convicted money launderer has been sentenced to an additional 499 daysin prison for failing to fully pay the money owed under a Confiscation Order. In 2021,RichardFaithfull,now36,wassentenced to5 years and 10 monthsin...
Read FCA Warning →Three arrested in FCA investigation into suspected unlawful financial promotions
Three people have been arrested as part of a crackdown on suspected illegal financial promotions. Two homes in the Chelmsford and Romford areas were searched, as part of an operation led by the FCA and the Eastern Regio...
Read FCA Warning →A reform-minded regulator
Speech by Nikhil Rathi, FCA chief executive, at the Association of Foreign Banks (AFB) luncheon. When I saw that a boxing ring had been temporarily installed in this room last autumn, I wasn’t quite sure whether it was...
Read FCA Warning →ICO Enforcement Notices & Data Protection Penalties
ICO Enforcement Notices & Monetary Penalties
The ICO regularly issues fines and enforcement notices for data protection breaches under UK GDPR. View the full register of actions below.
View ICO Enforcement Register →Is Your Business Exposed?
Many of these vulnerabilities affect software used by UK SMEs every day. A GET-IT threat intelligence scan will tell you exactly where your perimeter stands.
Book a Resilience Scan →Intelligence sourced from NCSC UK, the CISA Known Exploited Vulnerabilities Catalog, the FCA ScamSmart programme, and the ICO Enforcement register. This page is updated automatically every 12 hours. For the most current advisories visit the source links directly. GET-IT Cyber Division curates this content for UK SME relevance but is not responsible for the accuracy of third-party source data.