Sophos Firewall v22 is now available

A simple customer query leads to a rabbit hole of backdoored malware and game cheats

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting Broadcom VMware Tools and VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), which could be exploited by an attacker to…

Nadeem Badshah reports: HM Revenue and Customs has lost £47m after a phishing scam breached tens of thousands of tax accounts, a group of MPs has heard. Two senior civil servants at the tax authority told the Treasury committee on Wednesday that 100,000 people had been contacted, or were in the process of being contacted,…

Fraser Tennant reports: ….  The reality is that M&A practitioners, in their quest to negotiate the best possible deal, may be less focused on the tools that are used to store and share confidential transactional data – both internally and externally. This can leave such data highly vulnerable to hackers with malicious intent. “Threat actors…

A press release from the Department of Justice Defendant Allegedly Took Part in Global Ransomware Scheme Using “Nefilim” Ransomware Strain Thursday, May 1, 2025 Earlier today, in federal court in Brooklyn, a superseding indictment was unsealed charging Artem Stryzhak with conspiracy to commit fraud and related activity, including extortion, in connection with computers, for his…

Cloud security is changing. Attackers are no longer just breaking down the door; they are finding unlocked windows in your configurations, your identities, and your code. Standard security tools often miss these threats because they look like normal activity. To stop them, you need to see exactly how these attacks happen in the real world….