Sophos Partners with Capsule on New Cyber Insurance Program
The partnership rewards real-world, observable security controls, while removing the traditional barriers to insurance coverage.
Similar Posts
Hackers Claim To Have Compromised Data Broker Used By U.S. Government To Dodge Warrants
Bys sOver on TechDirt, Karl Bode writes: Gravy Analytics, the parent company of Venntel, is like many dodgy data brokers. The company gleans vast troves of sensitive U.S. behavior and location cellphone data, then generally sells access to that data to a long line of folks. Including the U.S. government, which has increasingly turned to buying…
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
Bys sCybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware. The VS Code extensions masquerade as a premium dark theme and an artificial intelligence (AI)-powered coding assistant, but, in actuality, harbor covert functionality to download additional payloads, take
Victorian Department of Education says hackers stole students’ data
Bys sSergiu Gatlan reports: The Department of Education in Victoria, Australia, notified parents that attackers accessed a database containing the personal information and email addresses of current and former students, prompting password resets. The department disclosed the breach in letters sent to parents, stating that an unauthorized third party accessed students’ names, school names, year levels,……
New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy
Bys sGoogle on Wednesday released updates to address four security issues in its Chrome web browser, including one for which it said there exists an exploit in the wild. The high-severity vulnerability, tracked as CVE-2025-4664 (CVSS score: 4.3), has been characterized as a case of insufficient policy enforcement in a component called Loader. “Insufficient policy enforcement…
Chinese Hackers Accessed US Treasury Workstations in ‘Major’ Cybersecurity Incident
Chinese hackers remotely accessed US Treasury Department workstations after compromising a cloud-based service operated by BeyondTrust. The post Chinese Hackers Accessed US Treasury Workstations in ‘Major’ Cybersecurity Incident appeared first on SecurityWeek.
FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services
Bys sVarious industrial organizations in the Asia-Pacific (APAC) region have been targeted as part of phishing attacks designed to deliver a known malware called FatalRAT. “The threat was orchestrated by attackers using legitimate Chinese cloud content delivery network (CDN) myqcloud and the Youdao Cloud Notes service as part of their attack infrastructure,” Kaspersky ICS CERT said…