We have detected that you are using Internet Explorer to visit this website. Internet Explorer is now being phased out by Microsoft. As a result, NHS Digital no longer supports any version of Internet Explorer for our web-based products, as it involves considerable extra effort and expense, which cannot be justified from public funds. Some features on this site will not work. You should use a modern browser such as Edge, Chrome, Firefox, or Safari. If you have difficulty installing or accessing a different browser, contact your IT support team.
Cyber alerts
We issue cyber security alert notifications to health and care organisations, ranging from weekly threat bulletins to immediate high-severity alerts.
March 2022
February 2022
CC-4043
Okta Releases Security Updates for Advanced Server Client for Windows
Security update addresses a remote code execution vulnerability
CC-4042
Adobe Releases Additional Security Updates for Commerce and Magento Open Source
Exploitation in the wild found for existing vulnerability and another Critical RCE vulnerability has been added to the Adobe security advisory.
CC-4040
Cisco Releases Security Update for Cisco AsyncOS Software for Cisco Email Security Appliance
Scheduled update addresses denial-of-service vulnerability
CC-4039
Google Releases Security Update for Chrome
Scheduled update for Chrome on Windows, macOS, and Linux fixes actively exploited zero-day vulnerability
CC-4038
VMware Releases Security Updates for ESXi, Workstation, Fusion, Cloud Foundation, and NSX Data Center for vSphere (NSX-V)
Scheduled security updates address multiple security vulnerabilities in VMware products, including some vulnerabilities reported after being used in a Chinese hacking competition.
CC-4037
Apple Releases Security Updates
Scheduled updates patch actively exploited zero-day vulnerability
CC-4034
SAP Releases February 2022 Security Updates
SAP partner Onapsis, with cooperation from SAP, has released a threat report about critical vulnerabilities in ICM. The regularly scheduled security updates for multiple SAP products also include updates for products affected by Log4Shell vulnerabilities.