Majority of US enterprises breached in past two years despite security spend, and other cybersecurity news

67% of US enterprises surveyed have suffered a breach in the last two years. Image: Unsplash/Luca Bravo
- This regular round-up brings you key cybersecurity stories from the past month.
- Top cybersecurity news: Security tool use up but breaches persist, finds new report; British retailers targeted by cybercriminals; EU launches vulnerability database.
- The World Economic Forum’s Centre for Cybersecurity provides an independent and impartial platform to reinforce the importance of cybersecurity as a strategic imperative and drive global public-private action to address systemic cybersecurity challenges.
1. New data highlights lag between threat evolution and testing practices
Penetration testing, or pentesting, is a vital cybersecurity practice where experts simulate attacks to uncover weaknesses before they’re exploited. As threats grow more frequent and complex – with a majority of US organizations suffering a breach in the past two years – a new report asks: are organizations evolving their testing strategies fast enough to keep up?
Pentera’s 2025 State of Pentesting Survey reveals that while companies continue to invest in growing security stacks, breaches remain widespread – and response times slow. The report signals a shift towards automated, ongoing pentesting as a critical component of modern cyber resilience.
Continuous validation through pentesting is no longer optional – it’s essential for organizations aiming to stay ahead of evolving cyber threats and reduce risk exposure.
Key findings of the report include:
- High breach rates persist: 67% of US enterprises surveyed suffered a breach in the last two years.
- Security tool overload: Organizations now manage an average of 75 security solutions, yet breaches remain common.
- Automation gains ground: 55% use software-based pentesting to increase testing speed and coverage.
- Cyber insurance influences strategy: 59% of CISOs adopted tools based on insurer requirements.
- Testing frequency lags: Nearly half of organizations still only test annually, despite rapidly changing infrastructure.
The report highlights a growing disconnect between the complexity of security environments and the effectiveness of pentesting, revealing that many organizations still struggle to translate testing results into meaningful risk reduction.
2. UK retailers hit by cyberattacks as M&S, Co-op and Harrods targeted
British retailers have been targeted in a series of significant cyberattacks in recent weeks. Marks & Spencer (M&S) suspended online orders on 25 April following a ransomware attack - in which criminals break into systems and encrypt them, demanding a ransom to restore access - and has been losing millions of pounds in sales each day since, according to Reuters.
The Co-op, a grocery chain, and luxury retailer Harrods both reported attempted intrusions just days later, with the Co-op temporarily shutting down parts of its IT systems as a precaution.
Both M&S and the Co-op have since confirmed data breaches. "DragonForce", a group claiming responsibility for the three cyberattacks, told the BBC on 2 May: "We have customer database, and Co-op member card data." They also said more attacks were planned.
Meanwhile, M&S told customers this week that while some personal information had been accessed, it did not include banking information and no further action was needed.
According to multiple news reports citing technology site BleepingComputer, the attackers gained access to the retailers' systems by social-engineering IT helpdesks into resetting account passwords.
The attacks have also been linked to the hacking collective Scattered Spider, which reportedly includes individuals from the UK and US, some of whom have previously been charged over phishing campaigns used to steal cryptocurrency.
In recent guidance, the UK's National Cyber Security Centre advised that, to protect against such attacks whether or not they rely on social engineering, organizations should:
- Enforce multi-factor authentication across all accounts and monitor for suspicious logins, especially those flagged by Microsoft Entra Threat Intelligence.
- Audit privileged accounts (eg, Domain, Enterprise and Cloud Admins) for legitimate access.
- Review helpdesk password reset procedures, focusing on secure staff authentication.
- Detect atypical login sources, such as VPNs in residential IP ranges, via source enrichment.
- Incorporate threat intelligence quickly and respond effectively to new tactics and techniques.
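As an added illustration of the helpdesk-reset, privileged-account and source-enrichment points above (this is example code written for this round-up, not NCSC, M&S or any vendor's tooling), the Python below correlates a constructed helpdesk ticket log with a constructed sign-in log. It classifies each sign-in's source IP against hypothetical residential-VPN and corporate-egress ranges, then flags sign-ins that occur shortly after a helpdesk credential reset from a non-corporate source, and any privileged account signing in from a residential-VPN range. All usernames, IP ranges, group names and log formats are assumptions for the example.

```python
import ipaddress
from datetime import datetime, timedelta

# Hypothetical enrichment data (assumption for the example). In practice the
# residential-VPN/proxy blocks would come from a threat-intelligence feed and the
# corporate block from your own list of known egress addresses.
RESIDENTIAL_VPN_RANGES = [ipaddress.ip_network("203.0.113.0/24")]
CORPORATE_EGRESS = [ipaddress.ip_network("198.51.100.0/24")]
PRIVILEGED_GROUPS = {"Domain Admins", "Enterprise Admins", "Global Administrator"}
CREDENTIAL_RESET_ACTIONS = {"password_reset", "mfa_reset"}

# Constructed helpdesk ticket log: (timestamp, user, action, performed_by).
HELPDESK_EVENTS = [
    (datetime(2025, 4, 22, 9, 5), "a.smith", "password_reset", "helpdesk-01"),
    (datetime(2025, 4, 22, 9, 40), "j.doe", "mfa_reset", "helpdesk-02"),
    (datetime(2025, 4, 22, 14, 0), "b.jones", "password_reset", "helpdesk-01"),
]

# Constructed sign-in log: (timestamp, user, source_ip, group_memberships).
SIGNIN_EVENTS = [
    (datetime(2025, 4, 22, 9, 30), "a.smith", "203.0.113.45", ["Domain Users"]),
    (datetime(2025, 4, 22, 10, 0), "j.doe", "198.51.100.10", ["Domain Users"]),
    (datetime(2025, 4, 22, 10, 30), "j.doe", "192.0.2.99", ["Domain Users"]),
    (datetime(2025, 4, 22, 11, 0), "c.lee", "203.0.113.77", ["Domain Admins"]),
    (datetime(2025, 4, 22, 14, 30), "b.jones", "203.0.113.5", ["Domain Admins"]),
    (datetime(2025, 4, 22, 18, 0), "b.jones", "192.0.2.50", ["Domain Users"]),
]


def enrich_source(ip):
    """Classify a source IP as 'corporate', 'residential_vpn' or 'unknown'."""
    addr = ipaddress.ip_address(ip)
    if any(addr in net for net in CORPORATE_EGRESS):
        return "corporate"
    if any(addr in net for net in RESIDENTIAL_VPN_RANGES):
        return "residential_vpn"
    return "unknown"


def find_suspicious_logins(helpdesk_events, signin_events, window=timedelta(hours=2)):
    """Return alerts as (timestamp, user, source_class, reasons).

    A sign-in is flagged when it comes from a non-corporate source and either
    follows a helpdesk credential reset for that user within `window`, or the
    account holds a privileged group and the source is a residential-VPN range.
    """
    resets_by_user = {}
    for ts, user, action, _performed_by in helpdesk_events:
        if action in CREDENTIAL_RESET_ACTIONS:
            resets_by_user.setdefault(user, []).append(ts)

    alerts = []
    for ts, user, ip, groups in signin_events:
        source = enrich_source(ip)
        if source == "corporate":
            continue  # known egress; out of scope for this rule
        reasons = []
        # Any reset within the window before this sign-in is suspicious,
        # regardless of how the helpdesk was convinced to perform it.
        if any(timedelta(0) <= ts - reset_ts <= window for reset_ts in resets_by_user.get(user, [])):
            reasons.append(f"sign-in within {window} of helpdesk credential reset")
        if source == "residential_vpn" and set(groups) & PRIVILEGED_GROUPS:
            reasons.append("privileged account signing in from residential VPN range")
        if reasons:
            alerts.append((ts, user, source, reasons))
    return alerts


if __name__ == "__main__":
    for ts, user, source, reasons in find_suspicious_logins(HELPDESK_EVENTS, SIGNIN_EVENTS):
        print(f"{ts:%Y-%m-%d %H:%M} {user:<8} {source:<16} {'; '.join(reasons)}")
```

Running the sample flags four sign-ins: a.smith and j.doe shortly after their resets, c.lee as a privileged account on a residential-VPN range, and b.jones at 14:30 for both reasons. The b.jones sign-in at 18:00 falls outside the two-hour window and is not flagged, which is the trade-off a practitioner tunes: a longer window catches slower attackers at the cost of more noise from legitimate resets.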
This comes as a pro-Russian hacking group, NoName057(16), claims to have disrupted UK websites - including local councils and a police association - during a three-day campaign, reports The Guardian.
A senior UK government minister has warned that cyber threats are likely to increase in "frequency and intensity" as AI adoption grows.
3. News in brief: Top cybersecurity stories this month
Spain’s cybersecurity agency is seeking information from small power generators as part of an investigation into April’s blackout that also affected parts of Portugal, the Financial Times reports. Officials are concerned that weak cyber defences at renewable energy sites may have been exploited. Spain’s energy minister has confirmed the cause as a sudden loss of power generation, with no evidence of a cyberattack on its grid operator. Failures at substations in Granada, Badajoz and Seville led to a 2.2-gigawatt generation loss and cascading grid disconnections.
US agencies, including CISA, the FBI and the Department of Energy, have issued a warning about cyberattacks targeting the oil and natural gas sector, according to Security Week. The attacks use basic intrusion methods to exploit weak security practices in critical infrastructure, which could lead to operational disruptions or even physical damage. CISA noted that the threats are likely from hacktivist groups targeting vulnerable ICS/SCADA systems, particularly those with exposed or default passwords.
India’s top exchanges, NSE and BSE, have temporarily restricted website access for overseas users due to cyber threats. This does not affect overseas trading on Indian markets. A BSE spokesperson confirmed the cyber threat concern but did not specify any recent attacks.
The EU cybersecurity agency ENISA has launched the European Vulnerability Database. Mandated by the NIS2 Directive, the EU’s cybersecurity framework for risk management and incident reporting, the database provides information on vulnerabilities affecting IT, OT and IoT products, sourced from vendors, incident response teams and other databases. It is accessible for free.
A 'state-of-the-art' telescope has been built in Edinburgh, Scotland, that will test and monitor quantum-encrypted satellite communications. HOGS (the Hub Optical Ground Station) aims to "tackle future cyberattacks by researching methods to send secure transmissions via satellites," according to Heriot-Watt University where the hub is based.
4. More about cybersecurity on Forum Stories
Confidence Staveley, Founder and Executive Director of CyberSafe Foundation, is on a mission to promote better cyber hygiene and address the inequalities in the cybersecurity sector. In a recent interview with the World Economic Forum, she discussed the importance of public and private partnerships for training women in cybersecurity, supporting small businesses and extending cyber best practices to marginalized communities. Staveley is also bridging the gap between cybersecurity and pop culture to reach those most vulnerable to online threats.
"What I'm seeing in the past five years, is that people are waking up and really valuing privacy," says Signal Foundation President Meredith Whittaker. Learn more about the need to fight for this right online:
The Marks & Spencer cyberattack has underscored the importance of cyber resilience, showing that businesses must not only protect against cyber threats but also minimize their impact. Two experts explain why the attack, which disrupted operations and cost the company $995 million (£750m), highlights the need for a strategic approach to handling cyber incidents.
Akshay Joshi
June 12, 2025