IT news for UK small businesses – without the jargon
Phishing attacks are getting smarter – and your team could be the target this week. We’ve picked out the stories that actually matter for your business.
30,000 Facebook accounts compromised in phishing scam
Hackers managed to steal login details from 30,000 Facebook accounts using a phishing campaign (fake emails designed to trick people into giving away passwords). They did this by impersonating Google’s AppSheet platform. This is a good reminder that phishing attacks don’t need to be sophisticated – they just need someone to click the wrong link.
What this means for you: Train your team to spot suspicious emails, even if they look like they’re from tools you actually use.
GitHub Copilot now charges per token – what it costs you
GitHub’s AI coding assistant is shifting to a pay-as-you-go model based on how many tokens (chunks of text) you use. If you’ve got developers on your team experimenting with AI tools, this is worth knowing about. It could be cheaper than you think for small teams dipping their toes in.
What this means for you: If your developers use Copilot, you’ll want to understand the new pricing before your bill arrives.
UK firm builds data centres from lampposts – but there’s a catch
An innovative Warwickshire idea – using solar-powered lampposts with built-in computer chips to create distributed data centres. It’s clever thinking for renewable energy, but security questions remain about how well this scales and protects your data. Still worth watching as the technology matures.
What this means for you: New UK tech solutions are emerging – keep an eye on homegrown innovations that might serve small businesses better than big cloud providers.
Linux servers face actively exploited security hole
The US government’s CISA agency has flagged a serious vulnerability in Linux systems that hackers are already exploiting. If your business runs any Linux servers or relies on hosting providers using Linux – which is most of them – this is worth checking with your IT support team. It’s not alarmist to act on this one.
What this means for you: Contact your IT support provider this week to confirm your systems are patched against CVE-2026-31431.
Hover over any link (don’t click it) to see where it actually goes. If the web address doesn’t match the sender, it’s phishing. Also check: does the email feel rushed or ask for passwords? That’s a red flag. When in doubt, call the company directly using a number you know is real.
Stay safe out there – and let us know if your team needs phishing training this quarter.
