Sophos India Volunteers Bring Color to Local Schools
Sophos India volunteers transformed two rural schools with vibrant murals, enhancing learning spaces and strengthening community ties.
From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains
Introduction Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, cloud-based services, and global logistics networks, cybercriminals are exploiting vulnerabilities within these interconnected systems to launch attacks. By first infiltrating a third-party vendor with undetected
New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks
Cybersecurity researchers have unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail sectors in South Korea, Hong Kong, Myanmar, Malaysia, and Egypt in 2024. “The controller could open a reverse shell,” Trend Micro researcher Fernando Mercês said in a technical report published…
Product Walkthrough: A Look Inside Wing Security’s Layered SaaS Identity Defense
Intro: Why hack in when you can log in? SaaS applications are the backbone of modern organizations, powering productivity and operational efficiency. But every new app introduces critical security risks through app integrations and multiple users, creating easy access points for threat actors. As a result, SaaS breaches have increased, and according to a May…
Sophos Annual Threat Report appendix: Most frequently encountered malware and abused software
These are the tools of the trade Sophos detected in use by cybercriminals over 2024
The Sophos Annual Threat Report: Cybercrime on Main Street 2025
Ransomware remains the biggest threat, but old and misconfigured network devices are making it too easy
Max Severity Bug in Apache Roller Enabled Persistent Access
The remediated flaw gave adversaries a way to maintain access to the app through password resets.
With AI’s Help, Bad Bots Are Taking Over the Web
Bad bots are becoming increasingly difficult to detect as they more easily mimic human behaviors and utilize evasion techniques, researchers say.
AI-Powered Presentation Tool Leveraged in Phishing Attacks
Researchers at Abnormal Security said threat actors are using a legitimate presentation and graphic design tool named “Gamma” in phishing attacks.
Hertz Falls Victim to Cleo Zero-Day Attacks
Customer data such as birth dates, credit card numbers and driver’s license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file transfer products.