A Browser Extension Risk Guide After the ShadyPanda Campaign
In early December 2025, security researchers exposed a cybercrime campaign that had quietly hijacked popular Chrome and Edge browser extensions...
that
React2Shell flaw (CVE-2025-55182) exploited for remote code execution
Sophos analysts are investigating the widespread exploitation of a critical vulnerability dubbed ‘React2Shell’ that affects React Server Components versions 19.0.0,...
The AI Fix #80: DeepSeek’s cheap GPT-5 rival, Antigravity fails, and your LLM likes it when you’re rude
In episode 80 of The AI Fix, your hosts look at DeepSeek 3.2 “Speciale”, the bargain-basement model that claims GPT-5-level...
Sophos Firewall v22 is now available
The product team is pleased to announce that Sophos Firewall v22 is now generally available. This update brings several Secure...
Sophos Named One of Computerworld’s 2026 Best Places to Work in IT
We are proud to share that Sophos has been recognized for the second year running as one of Computerworld’s Best...
Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT
Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites as a...
Apple and Google Alert Users Worldwide After New Spyware Activity Surfaces
Image: Zulfugar Karimov/Unsplash Apple and Google confirmed last week that they have issued a new round of threat notifications to...
This Week in Scams: Phony AI Ads, Apple Account Takeover Attempts, and a PlayStation Scam
For this week in scams, we have fake AI-generated shopping images that could spoil your holidays, scammers use an Apple...
Drones to Diplomas: How Russia’s Largest Private University is Linked to a $25M Essay Mill
A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious ties...
Insecure use of Signal app part of wider Department of Defense problem, suggests Senate report
In short, while there was no evidence that unsanctioned app use is routine or normalized, it is likely that enough...
Introducing Sophos Intelix for Microsoft 365 Copilot
We’re thrilled to unveil Sophos Intelix for Microsoft 365 Copilot, a powerful new integration that brings world-class threat intelligence from...
India withdraws demand for forced installation of government app
The other day ComputerSweden reported that the Indian government had demanded that all mobile phones in the country be equipped...
India Scraps Mandatory App Preinstall Following Industry Pushback
Image: Envato/osbmxhouse The Indian government has officially rescinded a controversial mandate that would have forced smartphone manufacturers to ship new...
Gainsight Expands Impacted Customer List Following Salesforce Security Alert
Nov 27, 2025Ravie LakshmananRansomware / Cloud Security Gainsight has disclosed that the recent suspicious activity targeting its applications has affected...
Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’
A prolific cybercriminal group that calls itself “Scattered LAPSUS$ Hunters” has dominated headlines this year by regularly stealing data from...
