Sophos Emergency Incident Response is now available

Blog

Byadmblake June 10, 2025

The first service combining the power of Sophos and Secureworks.

Blog

Chinese Hackers Hijack Notepad++ Updates for 6 Months

State-sponsored threat actors compromised the popular code editor’s hosting provider to redirect targeted users to malicious downloads.

Read More Chinese Hackers Hijack Notepad++ Updates for 6 Months
Blog

Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available

Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation. The vulnerability, tracked as CVE-2026-20245, carries a CVSS score of 7.8 out of a maximum of 10.0. It affects the following deployment types – On-Prem Deployment Cisco SD-WAN Cloud-Pro Cisco SD-WAN Cloud (Cisco Managed) Cisco SD-WAN for Government…

Read More Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
Blog

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to crates.io, are listed below – chrono_anchor dnp3times time_calibrator time_calibrators time-sync The crates, per Socket, impersonate timeapi.io and were published between late February and early March

Read More Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
Blog

Apache OFBiz Authentication Bypass

What is the vulnerability?There is an authentication bypass vulnerability in Apache OFBiz tracked under CVE-2023-51467 and CVE-2023-49070. Successful exploitation would let an attacker circumvent authentication processes, enabling them to remotely execute arbitrary code and access sensitive information. Apache OFBiz is an open-source business application suite for Enterprise Resource Planning (ERP) which integrates and automates many…

Read More Apache OFBiz Authentication Bypass
Blog

The Alert Firehose Finally Meets Its Match

Ask a cybersecurity pro about Network Detection and Response (NDR) and you might still hear “Noisy,” “Too much data.” But ask the teams running NDR that includes agentic AI capabilities and you’ll hear they’re actually using it to catch threats earlier, triage faster, and chase fewer false positives. The old complaint lingers in part because…

Read More The Alert Firehose Finally Meets Its Match
Blog

DPRK Fake Job Scams Self-Propagate in ‘Contagious Interview’

A compromised developer’s repository serves as a worm-like infection vector to spread remote access Trojans (RATs) and other malware.

Read More DPRK Fake Job Scams Self-Propagate in ‘Contagious Interview’

Related