News

Google Chrome will enhance security with enforced HTTPS connections from version 154, set for release in October 2026

The ongoing ‘PhantomRaven’ malicious campaign has infected 126 npm packages to date, representing 86,000 downloads

A rise in attacks on PHP servers, IoT devices and cloud gateways is linked to botnets exploiting flaws, according to new research published by Qualys

Atroposia is a newly discovered modular RAT that uses encrypted channels and advanced theft capabilities to target credentials and crypto wallets

Debates over the effectiveness of phishing simulations are widespread. Sophos X-Ops looks at the arguments for and against – and our own phishing philosophy

The threat group targeted a LANSCOPE zero-day vulnerability (CVE-2025-61932)

Explore the Cybersecurity toolkit and start building your prevention-first strategy today. 

Exploitation of CVE-2025-59287 began after public disclosure and the release of proof-of-concept code

Securing your firewall is much easier with the new Health Check feature.

I can’t believe that I haven’t yet posted this picture of a giant squid at the Smithsonian.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.