Featured Chrome Browser Extension Caught Intercepting Millions of Users’ AI Chats
A Google Chrome extension with a "Featured" badge and six million users has been observed silently gathering every prompt entered...
#featured
Game of clones: Sophos and the MITRE ATT&CK Enterprise 2025 Evaluations
Each year, several security solution providers – including Sophos – sign up for MITRE’s ATT&CK Enterprise Evaluations, a full-scale cyber...
A big finish to 2025 in December’s Patch Tuesday
Microsoft on Tuesday released 56 patches affecting 10 product families. Two of the addressed issues are considered by Microsoft to...
React2Shell flaw (CVE-2025-55182) exploited for remote code execution
Sophos analysts are investigating the widespread exploitation of a critical vulnerability dubbed ‘React2Shell’ that affects React Server Components versions 19.0.0,...
GOLD SALEM tradecraft for deploying Warlock ransomware
In mid-August 2025, Counter Threat Unitâ„¢ (CTU) researchers identified the use of the legitimate Velociraptor digital forensics and incident response...
OWASP Project Publishes List of Top Ten AI Agent Threats
The OWASP GenAI Security Project today published a top 10 list of the potential security threats that organizations are likely...
Nudge Security Extends Ability to Secure Data in the AI Era
Nudge Security today extended the scope of its namesake security and governance platform to monitor sensitive data shared via uploads...
Sophos Firewall v22 is now available
The product team is pleased to announce that Sophos Firewall v22 is now generally available. This update brings several Secure...
Inside Shanya, a packer-as-a-service fueling modern attacks
We have covered packer-as-a-service offerings from the computer underworld in the past, previously dissecting impersonation campaigns and the rise of...
Sharpening the knife: GOLD BLADE’s strategic evolution
Between February 2024 and August 2025, Sophos analysts investigated nearly 40 intrusions related to STAC6565, a campaign the analysts assess...
Introducing Sophos Intelix for Microsoft 365 Copilot
We’re thrilled to unveil Sophos Intelix for Microsoft 365 Copilot, a powerful new integration that brings world-class threat intelligence from...
Introducing Sophos Intelix for Microsoft Security Copilot
Sophos is excited to announce the launch of the new Sophos Intelix for Microsoft Security Copilot agent, now available in...
CrowdStrike Extends Scope of AWS Cybersecurity Alliance
CrowdStrike this week extended its alliance with Amazon Web Services (AWS) to automate configuration of its Falcon security information event...
AWS Adds Bevy of Tools and Capilities to Improve Cloud Security
Amazon Web Services (AWS) this week made an AWS Security Hub for analyzing cybersecurity data in near real time generally...
ShadyPanda’s Years-Long Browser Hack Infected 4.3 Million Users
A threat group dubbed ShadyPanda spent seven years uploading seemingly legitimate extensions into browser marketplaces, building trust among its growing...
![Sectigo New Public Roots and Issuing CAs Hierarchy [2025 Migration Guide]](https://certera.com/blog/wp-content/plugins/wp-postratings/images/stars/rating_on.gif)