News

Introducing Sophos Advisory Services

Bys s October 1, 2025

See how your networks, systems, and employees stand up to simulated attacks before an adversary strikes.

News

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
Bys s February 27, 2026

Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to distribute a remote access trojan (RAT). “A malicious downloader staged a portable Java runtime and executed a malicious Java archive (JAR) file named jd-gui.jar,” the Microsoft Threat Intelligence team said in a post on X….

Read More Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
News

U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network
Bys s February 1, 2025

U.S. and Dutch law enforcement agencies have announced that they have dismantled 39 domains and their associated servers as part of efforts to disrupt a network of online marketplaces originating from Pakistan. The action, which took place on January 29, 2025, has been codenamed Operation Heart Blocker. The vast array of sites in question peddled…

Read More U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network
News

Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows
Bys s November 20, 2025

Cybersecurity researchers have warned of an actively expanding botnet dubbed Tsundere that’s targeting Windows users. Active since mid-2025, the threat is designed to execute arbitrary JavaScript code retrieved from a command-and-control (C2) server, Kaspersky researcher Lisandro Ubiedo said in an analysis published today. There are currently no details on how the botnet malware is propagated;

Read More Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows
News

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
Bys s June 12, 2025

A novel attack technique named EchoLeak has been characterized as a “zero-click” artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 Copilot’s context sans any user interaction. The critical-rated vulnerability has been assigned the CVE identifier CVE-2025-32711 (CVSS score: 9.3). It requires no customer action and has been already

Read More Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
News

A business’s cyber insurance policy included ransom coverage, but when they needed it, the insurer refused to pay. Why?
Bys s October 19, 2025

Allardyce Bower Consulting paid more than $14,000 for a cyber insurance policy that included ransom coverage, but when they needed it, the insurer refused to pay. Had the business made a grave error in security? Over on SuspectFile, Marco A. De Felice writes: Allardyce Bower Consulting (ABC) was the victim of a severe cyberattack attributed……

Read More A business’s cyber insurance policy included ransom coverage, but when they needed it, the insurer refused to pay. Why?
News

Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms
Bys s July 8, 2025

Russian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware called Batavia. The activity, per cybersecurity vendor Kaspersky, has been active since July 2024. “The targeted attack begins with bait emails containing malicious links, sent under the pretext of signing a contract,” the Russian company said. “The…

Read More Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms

Similar Posts