Sophos’ Secure by Design 2025 Progress

The consequences of this burnout are far-reaching, affecting productivity, incident response times, and employee retention.

The Times of Israel reports: The Assaf Harofeh Medical Center in the central city of Beer Yaakov was targeted by a cyberattack over Yom Kippur, according to a joint announcement from the hospital, the Health Ministry and the National Cyber Directorate. Authorities were investigating the possibility of a leak as a result of the attack…….

Canadian organizations have emerged as the focus of a targeted cyber campaign orchestrated by a threat activity cluster known as STAC6565. Cybersecurity company Sophos said it investigated almost 40 intrusions linked to the threat actor between February 2024 and August 2025. The campaign is assessed with high confidence to share overlaps with a hacking group…

AI is everywhere—and your company wants in. Faster products, smarter systems, fewer bottlenecks. But if you’re in security, that excitement often comes with a sinking feeling. Because while everyone else is racing ahead, you’re left trying to manage a growing web of AI agents you didn’t create, can’t fully see, and weren’t designed to control….

Ionut Arghire reports: Princeton University over the weekend disclosed a data breach impacting alumni, donors, faculty, students, parents, and other members of its community. On November 10, the university says, a threat actor accessed an Advancement database containing names, addresses, email addresses, and phone numbers, along with information on fundraising activities and donations to the……

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js’ Single Executable Application (SEA) feature as a way to distribute its payloads. According to Fortinet FortiGuard Labs, select iterations have also employed the open-source Electron framework to deliver the malware. It’s assessed that the malware is being propagated through