Sophos named a Leader in the IDC MarketScape™: Worldwide Extended Detection and Response (XDR) Software 2025

Blog

Byadmblake September 29, 2025

A milestone that reflects our progress.

Blog

Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices

Apple has been hit with a fine of €150 million ($162 million) by France’s competition watchdog over the implementation of its App Tracking Transparency (ATT) privacy framework. The Autorité de la concurrence said it’s imposing a financial penalty against Apple for abusing its dominant position as a distributor of mobile applications for iOS and iPadOS…

Read More Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices
Blog

Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys

New research has found that organizations in various sensitive sectors, including governments, telecoms, and critical infrastructure, are pasting passwords and credentials into online tools like JSONformatter and CodeBeautify that are used to format and validate code. Cybersecurity company watchTowr Labs said it captured a dataset of over 80,000 files on these sites, uncovering thousands of

Read More Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys
Blog

Malicious Scanning Waves Slam Remote Desktop Services

Researchers say the huge spike of coordinated scanning for Microsoft RDP services could indicate the existence of a new, as-yet-undisclosed vulnerability.

Read More Malicious Scanning Waves Slam Remote Desktop Services
Blog

Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials

Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor. “Disguised as developer tools offering ‘the cheapest Cursor API,’ these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor’s

Read More Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
Blog

The Buyer’s Guide to AI Usage Control

Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely on legacy controls that operate far away from where AI interactions actually occur. The result…

Read More The Buyer’s Guide to AI Usage Control
Blog

Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network

A European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage group known as Salt Typhoon. The organization, per Darktrace, was targeted in the first week of July 2025, with the attackers exploiting a Citrix NetScaler Gateway appliance to obtain initial access. Salt Typhoon, also…

Read More Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network

Related