React2Shell flaw (CVE-2025-55182) exploited for remote code execution
Sophos analysts are investigating the widespread exploitation of a critical vulnerability dubbed ‘React2Shell’ that affects React Server Components versions 19.0.0,...
investigating
WhatsApp compromise leads to Astaroth deployment
Sophos analysts are investigating a persistent, multi-stage malware distribution campaign targeting WhatsApp users in Brazil. First observed on September 24,...
Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data
Counter Threat Unit™ (CTU) researchers are investigating exploitation of a remote code execution vulnerability (CVE-2025-59287) in Microsoft’s Windows Server Update...
WhatsApp Worm Targets Brazilian Banking Customers
Counter Threat Unit™ (CTU) researchers are investigating multiple incidents in an ongoing campaign targeting users of the WhatsApp messaging platform....
Artificial Intelligence SOC Analysts: Driving SecOps Forward
Sorting and examining notifications is crucial to security operations. While SOC squads aim to stay abreast of growing numbers and...
Pacific Rim: Delving into the Counter-Offensive—Tactics and Techniques Employed to Eliminate Threats Originating in China
For over five years now, Sophos has been delving into the activities of multiple China-based groups that are targeting Sophos...
ICC investigates cyber intrusions in Ukraine as likely war violations
Individuals at the International Criminal Court are looking into purported Russian cyber incursions on Ukrainian civilian structures as potential acts...
Live Nation investigating Ticketmaster breach
Live Nation Entertainment has finally confirmed that it is looking into a data breach within its Ticketmaster division that was...
