News

Year in Review 2025: The major headlines and moments from Sophos this year

Bys s January 14, 2026

Categories: Sophos Insights

Tags: Year in Review, security news

News

Keenan & Associates settles 2023 data breach litigation for $14M
Bys s August 15, 2025

Keenan & Associates is a benefits consulting and insurance brokerage provider in California, providing services to several sectors, including healthcare entities and educational facilities. Between August 21, 2023 and August 27, 2023, an unauthorized user accessed information relating to certain of Keenan’s customers, including names, dates of birth, Social Security numbers, passport numbers, driver’s license……

Read More Keenan & Associates settles 2023 data breach litigation for $14M
News

Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign
Bys s March 30, 2026

Three threat activity clusters aligned with China have targeted a government organization in Southeast Asia as part of what has been described as a “complex and well-resourced operation.” The campaigns have led to the deployment of various malware families, including HIUPAN (aka USBFect, MISTCLOAK, or U2DiskWatch), PUBLOAD, EggStremeFuel (aka RawCookie), EggStremeLoader (aka Gorem RAT), MASOL

Read More Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign
News

Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia
Bys s March 19, 2025

The recently leaked trove of internal chat logs among members of the Black Basta ransomware operation has revealed possible connections between the e-crime gang and Russian authorities. The leak, containing over 200,000 messages from September 2023 to September 2024, was published by a Telegram user @ExploitWhispers last month. According to an analysis of the messages…

Read More Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia
News

Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
Bys s March 19, 2026

Cybersecurity researchers have flagged a new malware dubbed Speagle that hijacks the functionality and infrastructure of a legitimate program called Cobra DocGuard. “Speagle is designed to surreptitiously harvest sensitive information from infected computers and transmit it to a Cobra DocGuard server that has been compromised by the attackers, masking the data exfiltration process as legitimate

Read More Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
News

XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells
Bys s February 10, 2025

Threat actors have been observed exploiting multiple security flaws in various software products, including Progress Telerik UI for ASP.NET AJAX and Advantive VeraCore, to drop reverse shells and web shells, and maintain persistent remote access to compromised systems. The zero-day exploitation of security flaws in VeraCore has been attributed to a threat actor known as…

Read More XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells
News

Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites
Bys s January 19, 2026

Cybersecurity researchers have disclosed details of a security flaw that leverages indirect prompt injection targeting Google Gemini as a way to bypass authorization guardrails and use Google Calendar as a data extraction mechanism. The vulnerability, Miggo Security’s Head of Research, Liad Eliyahu, said, made it possible to circumvent Google Calendar’s privacy controls by hiding a…

Read More Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites

Similar Posts