Sophos Intelix for Microsoft Copilot now brings threat intelligence directly into Copilot

Blog

Byadmblake October 20, 2025

World-class threat intelligence available directly where analysts work.

Blog

RediShell RCE Vulnerability

What is the Vulnerability? A Use-After-Free (UAF) bug in Redis’s Lua scripting subsystem (tracked as CVE-2025-49844, “RediShell”) allows an authenticated attacker who can run Lua scripts to escape the Lua sandbox and achieve arbitrary native code execution on the Redis host. This is a critical (CVSS 10.0), high-impact vulnerability because Lua scripting is enabled by…

Read More RediShell RCE Vulnerability
Blog

Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

Cybersecurity researchers have flagged a malicious package on the Python Package Index (PyPI) repository that claims to offer the ability to create a SOCKS5 proxy service, while also providing a stealthy backdoor-like functionality to drop additional payloads on Windows systems. The deceptive package, named soopsocks, attracted a total of 2,653 downloads before it was taken…

Read More Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown
Blog

Red Hat Hackers Team Up With Scattered Lapsus$ Hunters

Crimson Collective, which recently breached the GitLab instance of Red Hat Consulting, has teamed up with the notorious cybercriminal collective.

Read More Red Hat Hackers Team Up With Scattered Lapsus$ Hunters
Blog

Ivanti EPMM Zero-Day Flaws Exploited in Chained Attack

The security software maker said the vulnerabilities in Endpoint Manager Mobile have been exploited in the wild against “a very limited number of customers” — for now — and stem from open source libraries.

Read More Ivanti EPMM Zero-Day Flaws Exploited in Chained Attack
Blog

New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits

Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication (NFC) to conduct relay attacks for facilitating fraudulent transactions in attacks targeting banking customers in Brazil. “PhantomCard relays NFC data from a victim’s banking card to the fraudster’s device,” ThreatFabric said in a report. “PhantomCard is based on

Read More New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits
Blog

Qilin Cybercrime Ring Claims Credit for Lee Newspaper Breach

The ransomware-as-a-service (RaaS) cybercrime group intends to leak the stolen information in just two days, it claims; but oddly, it doesn’t seek a ransom payment from its victim.

Read More Qilin Cybercrime Ring Claims Credit for Lee Newspaper Breach

Related