May 2026 Daily Int Brief Archive

Act Now

08 May 2026

Actions On Cyber Daily Int Brief: Check your website hosting after active exploitation of cPanel and WHM

Executive Summary: A critical weakness in cPanel and WHM, widely used to manage websites, email and hosting accounts, has been added to CISA's Known Exploited Vulnerabilities catalogue and is being reported as exploited in real-world attacks. Many small businesses, charities, clubs and community groups do not run cPanel themselves, but their website hosting provider may use it behind the scenes. The practical action is simple: ask your hosting provider today whether cPanel and WHM, DNSOnly and WP2 have been updated, whether your account or server showed signs of compromise, and whether recent website and email backups are available and tested.

Read brief

Act Now

08 May 2026

Daily Int Brief: Treat HR, conduct and compliance emails as high-risk phishing lures

Executive Summary: The strongest current topic for UK small organisations is phishing that looks like normal internal business admin: HR, conduct, compliance, policy or document-review messages. Microsoft reported a recent campaign that used polished code-of-conduct themed emails and multi-step sign-in flows to steal access tokens, meaning ordinary multi-factor authentication may not always be enough if users are tricked into signing in through a fake journey. This matters because the UK Cyber Security Breaches Survey 2025/2026 says phishing remains the most common and most disruptive attack type for businesses and charities. Small organisations should act now by tightening email and account controls, giving staff a simple rule for urgent HR/compliance emails, and asking IT providers to review Microsoft 365 or Google Workspace sign-in protections.

Read brief