Attackers Use AI to Automate EDR Evasion Testing
Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows Defender.
Sophos is a British security software and hardware company specializing in providing a range of products and services for communication endpoint, encryption, network security, email security, mobile security, and unified threat management. In the context of information security, Sophos stands out as a provider of innovative cybersecurity solutions that are designed to protect businesses and organizations against a wide variety of threats, from viruses and ransomware to phishing attacks and malicious software.
The company's suite of products includes anti-virus tools, firewalls, encryption technologies, and network protection services that cater to the needs of both small businesses and enterprise-level organizations. Sophos is known for its intuitive management interfaces and advanced technologies, such as machine learning and artificial intelligence, which it employs to detect and respond to threats more effectively. As cybersecurity threats evolve, Sophos remains at the forefront, continuously updating and improving their defense mechanisms to better safeguard users' digital assets and data.
A threat actor used AI coding tools to build and test EDR evasion malware, Sophos finds
Sophos finds fake Claude site spreading DonutLoader and a new Beagle backdoor via DLL sideloading
UK Rollout to Link Arco's Cybersecurity Assurance With Sophos's Threat Intelligence
Sophos acquired Arco to expand into cybersecurity assurance and compliance, launching a new CISO Advantage capability. The company plans a phased rollout starting in the U.K., integrating Arco's risk and regulatory mapping platform with Sophos Central and its global threat intelligence operations.
Canadian organizations have emerged as the focus of a targeted cyber campaign orchestrated by a threat activity cluster known as STAC6565
Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware
Sophos found that average ransom demands and payments fell substantially in the education sector in 2025, as recovery time and costs fell
Dark Reading Confidential Episode 9: Join us for a look around today's Dark Web, and find out how law enforcement, AI, nation-state activities, and more are reshaping the way cybercriminals conduct their dirty business online. Keith Jarvis, senior security researcher at Sophos' Counter Threat Unit joins Dark Reading's Alex Culafi for a conversation you don't want to miss.
Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 Series appliances that could be exploited to achieve remote code execution. The two vulnerabilities impacting Sophos Firewall are listed below - CVE-2025-6704 (CVSS score: 9.8) - An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature can lead
Experts Say MDR Services and Proactive Defense Can Break the Payment Cycle
APJ organizations face a ransomware paradox: demands dropped 50% to $500,000, yet 54% paid the threat actors. The new Sophos report shows why firms continue paying, how successful negotiations work, and what proactive defenses can stop attacks before encryption begins.
PLUS: Crooks target hardware crypto wallets; bad flaws in Brother printers; O365 allows takeover-free phishing; and more. Infosec in Brief: Despite warnings not to pay ransomware operators, almost half of those infected by the malware send cash to the crooks who planted it, according to infosec software slinger Sophos.…
Sophos researchers found this operation has similarities or connections to many other campaigns targeting GitHub repositories dating back to August 2022.
Someone went to great lengths to prey on the next generation of cybercrooks
Sophos thinks a single person or group called "ischhfd83" is behind more than a hundred backdoored malware variants targeting novice cybercriminals and video game cheaters looking to get their hands on malicious code.…
Sophos has uncovered a scheme planting malicious code in 130+ GitHub repositories, targeting hackers and gamers
Sophos has observed DragonForce attacking rival ransomware operators including RansomHub as it seeks to expand its reach in the cybercrime marketplace
Sophos found that compromise of network edge devices, such as VPN appliances, accounted for 30% of incidents impacting SMBs in 2024
An Android malware family previously observed targeting Indian military personnel has been linked to a new campaign likely aimed at users in Taiwan under the guise of chat apps
In February 2025, Sophos completed the Secureworks deal and SolarWinds went private
Vendors Consolidate Endpoint, Managed Offerings to Combat Major Industry Players
Rising competition from CrowdStrike and Microsoft is driving MDR and EDR providers to consolidate. Companies such as Sophos and Arctic Wolf are acquiring endpoint or managed security technology to enhance detection and response capabilities, signaling a shift toward full-stack security solutions.
Cuts Hit Duplicative Roles, Positions Rooted in Secureworks Being a Public Company
Sophos laid off 6% of its staff just days after closing its $859 million acquisition of Secureworks. The job cuts will streamline duplicative roles following the Feb. 3 close of the Secureworks deal, as well as reduce positions that are no longer needed since Secureworks delisted as a public company.