DragonForce targets rivals in a play for dominance

Introducing the powerful new AI Assistant in Sophos XDR. Crafted by experts, created for everyone.

Before an attacker ever sends a payload, they’ve already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos. These are all clues that help them understand how your systems behave. AI is significantly accelerating reconnaissance and…

Paging the Federal Trade Commission to Aisle 5…. The Federal Trade Commission has repeatedly emphasized the importance of having a mechanism in place to receive data security alerts or concerns. American Income Life Insurance (“AILife”), headquartered in Waco, Texas, does not provide such information on its home page or anywhere else on the site that……

SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late July 2025. “In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs,” Arctic Wolf Labs researcher Julian Tuin said…

Legacy data and servers have bitten another entity. Kudos to Addison Northwest School District (ANWSD), though, for the clarity of their public notice, linked prominently from their home page. Their notice: We want to inform our community about a recent cybersecurity incident involving Addison Northwest School District (ANWSD). During an investigation into a breach affecting…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a security flaw impacting OpenPLC ScadaBR, citing evidence of active exploitation. The vulnerability in question is CVE-2021-26829 (CVSS score: 5.4), a cross-site scripting (XSS) flaw that affects Windows and Linux versions of the software via