Sophos’ Secure by Design 2025 Progress
We are pleased to openly share our pledges and the progress we are making in each of the seven core pillars of product security in the Secure by Design framework
Similar Posts
Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It
Bys sOver the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can challenge our assumptions. When Anthropic’s Claude Mythos model was made available to a limited set of organizations as a technical preview, it was reported that an unauthorized group claimed that it had gained access…
Armenian National Extradited to the United States Faces Federal Charges for Ransomware Extortion Conspiracy
Bys sAn Armenian national extradited from Ukraine to the United States faces federal charges for his role in Ryuk ransomware attacks and extortion conspiracy targeting companies throughout the United States, including a technology company operating in Oregon. Karen Serobovich Vardanyan, 33, an Armenian national, has been charged with conspiracy, fraud in connection with computers, and extortion…
Swiss critical sector faces new 24-hour cyberattack reporting rule
Bys sBill Toulas reports: Switzerland’s National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the agency within 24 hours of their discovery. According to the NCSC announcement, this new requirement is introduced as a response to the increasing number of cybersecurity incidents…
Google to Shut Down Dark Web Monitoring Tool in February 2026
Bys sGoogle has announced that it’s discontinuing its dark web report tool in February 2026, less than two years after it was launched as a way for users to monitor if their personal information is found on the dark web. To that end, scans for new dark web breaches will be stopped on January 15, 2026,…
Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits
Bys sAn exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices’ firmware as well as misconfigured security features. “These weren’t obscure, corner-case vulnerabilities,” security vendor Eclypsium said in a report shared with The Hacker News. “Instead these were very well-known issues that we wouldn’t…
Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
Bys sProgress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could result in an authentication bypass. MOVEit Automation (formerly Central) is a secure, server-based managed file transfer (MFT) solution used to schedule and automate file movement workflows in enterprise environments without requiring any custom scripts. The