Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Sophos Firewall v22 MR1 is now available Check out the full release notes for more details and a list of fixes. Sophos Firewall v22 bolstered Secure by Design, taking it to a whole new level with major updates to the architecture and new features like the Health Check to help identify high-risk configurations.

Sophos analysts are investigating the active abuse of QEMU, an “open-source machine emulator and virtualizer,” by threat actors seeking to hide malicious activity within virtualized environments. Attackers are drawn to QEMU and more common hypervisor-based virtualization tools like Hyper-V, VirtualBox, and VMware because malicious activity within a virtual machine (VM) is essentially invisible to endpoint security controls and leaves little forensic evidence on the host itself.

Secure by Design: Building cybersecurity into the foundation An explainer of why this philosophy matters and how it reduces attack surface from the inside Secure by Design is a software development philosophy that treats security as a foundational requirement rather than an afterthought.

We can't control the pace of AI-driven vulnerability discovery, but we can control how fast we respond. Last week, Thomas Ptacek published a piece arguing that vulnerability research is cooked. His thesis: AI agents are about to drown us in a steady stream of validated, exploitable, high-severity vulnerabilities, faster than anyone can patch them. But from where I sit, the more urgent question isn't whether the flood is coming, but whether the infrastructure we depend on can absorb it.

Following our article on the challenges posed by agentic AI, we gave OpenClaw access to one of our legacy networks In my previous article on OpenClaw I wrote: “Even the most ‘risk-on’ organizations with deep AI and security experience, will likely find it challenging to configure OpenClaw in a way that effectively mitigates the risk of compromise or data loss, while still retaining any productivity value.” The Red Team here at Sophos took that as ‘challenge accepted’, s

On April 7, 2026, a security researcher described an Adobe Reader zero-day vulnerability that has been exploited since at least December 2025. The vulnerability allows threat actors to execute privileged Acrobat APIs via specially crafted malicious PDF files that execute obfuscated JavaScript when opened. Exploitation allows attackers to steal sensitive user and system data and to potentially launch additional attacks and remotely execute code.

No matter the country, industry, or company size, IT and cybersecurity teams report a heavy regulatory load and worry about staying aligned with requirements Organizations today operate under a substantial number of IT and cybersecurity compliance obligations.

Sophos named a 2026 Gartner Peer Insights Customers' Choice for Managed Detection and Response Third consecutive time being named a Customers’ Choice for MDR Sophos has been named a 2026 Gartner Peer Insights Customers' Choice in the 2026 Gartner Peer Insights Voice of the Customer for Managed Detection and Response (MDR).