News

Cybercriminals are abusing AdaptixC2, a legitimate emulation framework, in ransomware campaigns

Over a quarter of employees work with AI tools that had not been authorized by their company

A new dark web analysis reveals more than 300 million records have been breached in 2025 to date

The former general manager of defense contractor Trenchant has admitted selling zero-days to Russian broker

Google Chrome will enhance security with enforced HTTPS connections from version 154, set for release in October 2026

The ongoing ‘PhantomRaven’ malicious campaign has infected 126 npm packages to date, representing 86,000 downloads

A rise in attacks on PHP servers, IoT devices and cloud gateways is linked to botnets exploiting flaws, according to new research published by Qualys

Atroposia is a newly discovered modular RAT that uses encrypted channels and advanced theft capabilities to target credentials and crypto wallets

Debates over the effectiveness of phishing simulations are widespread. Sophos X-Ops looks at the arguments for and against – and our own phishing philosophy

The threat group targeted a LANSCOPE zero-day vulnerability (CVE-2025-61932)