Sophos Protected Browser Early Access and FAQ

Former members tied to the Black Basta ransomware operation have been observed sticking to their tried-and-tested approach of email bombing and Microsoft Teams phishing to establish persistent access to target networks. “Recently, attackers have introduced Python script execution alongside these techniques, using cURL requests to fetch and deploy malicious payloads,” ReliaQuest said in a report

Alexander Martin reports: More than 11 months after a ransomware group published information from a U.K. pathology services company, the affected patients still have not been informed about what data of theirs was exposed in the incident, with material about sexually transmitted infections and cancer cases being included in the leaks. The data was compromised…

Vanessa Brown reports: Qantas has confirmed that six million customers could be impacted by a mammoth cyber incident at one of the airline’s contact centres, impacting personal data. The concerning incident was detected by the national carrier on Monday, after “unusual activity” on a third party platform used by Qantas was detected. While the airline…

Cybersecurity researchers are calling attention to a new campaign that’s leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. “These repositories, often themed as development utilities or OSINT tools, contain only a few lines of code responsible for silently downloading a remote HTA file and executing

Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-6543, carries a CVSS score of 9.2 out of a maximum of 10.0. It has been described as a case of memory overflow that could result in unintended control…

The high-profile information stealer switches up its TTPs, but keeps the CAPTCHA tactic; we take a deep dive