SophosAI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job

LETA reports: The Data State Inspectorate (DVI) has imposed a 300,000 euro fine on SIA “ZZ Dats” in connection with last year’s municipal data breach; the company has appealed the decision in court, the LETA news agency reports. According to the Inspectorate, the data were stored in an information system maintained by ZZ Dats. Upon……

Every CISO knows the uncomfortable truth about their Security Operations Center: the people most responsible for catching threats in real time are the people with the least experience. Tier 1 analysts sit at the front line of detection, and yet they are also the most vulnerable to the cognitive and organizational pressures that quietly erode…

Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. “The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,” Proofpoint said in a Thursday report. The

Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud (aka Sha1-Hulud) supply chain outbreak in November 2025 was likely responsible for the hack of its Google Chrome extension, ultimately resulting in the theft of approximately $8.5 million in assets. “Our Developer GitHub secrets were exposed in the attack, which gave the attacker…

Matthew Gault reports: Researchers published a massive database of more than 2 billion Discord messages that they say they scraped using Discord’s public API. The data was pulled from 3,167 servers and covers posts made between 2015 and 2024, the entire time Discord has been active. Though the researchers claim they’ve anonymized the data, it’s…

It’s a fully supported upgrade from v21, v20, v19.5 and v19.0.