Sophos AI Assistant: Accelerating security operations with GenAI

Cyber threat intelligence can inform decisions but is a complex issue. Where it is complete and accurate it is a huge boon. The post Cyber Insights 2025: Cyber Threat Intelligence appeared first on SecurityWeek.

In 2019, DataBreaches reported that Solara Medical Supplies in California was notifying more than 110,000 patients after an attacker gained access to some employees’ email accounts via phishing. Solara was subsequently sued and settled claims for $9.76 million. Now today, HHS OCR announced a settlement with Solara: Today the U.S. Department of Health and Human…

The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down what’s happening, why it matters, and what you can do to stay…

Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network. According to GuidePoint Security, initial access is said to have been facilitated by means of a JavaScript malware downloaded…

Attackers are exploiting a critical vulnerability in Aviatrix Controller to execute arbitrary code in AWS cloud environments. The post Critical Aviatrix Controller Vulnerability Exploited Against Cloud Environments appeared first on SecurityWeek.

Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active exploitation as a zero-day. The security vulnerability, CVE-2025-2857, has been described as a case of an incorrect handle that could lead to a sandbox escape….