Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Ransomware: AI changes the writer. It doesn't change the math. Why most endpoint protection still treats ransomware as just another piece of malware, and what changes when you watch the data instead of the attacker. In 2013, CryptoLocker introduced the modern ransomware playbook. It also introduced something most of the industry has still not come to terms with: remote encryption.

Last summer we introduced Automated Leads, a transformative approach to threat detection designed to surface the subtle signs of an attack before it turns into a full-blown breach. It’s powered by CrowdStrike Signal (distinct from SGNL) and delivered via the CrowdStrike Falcon platform. Since that launch, the goal has remained the same: to move beyond the limitations of traditional alerting and give analysts a head start on detecting the most sophisticated adversaries.

Sophos named a Leader in the KuppingerCole Analysts Leadership Compass for Managed Detection and Response 2026 Sophos recognized across four leadership categories: Overall, Product, Innovation, and Market Sophos has been named an Overall Leader in the 2026 KuppingerCole Analysts Leadership Compass for Managed Detection and Response (MDR).

Detect compromised devices before attackers act. CYJAX’s new alerting identifies stealer malware infections and exposed credentials in near real time. CYJAX today announced the launch of Compromised Device Alerting, a new capability designed to help organisations identify compromised devices within their environment before attackers can act on stolen credentials.

A malicious imitation of Anthropic’s Claude site leads to DLL sideloading – and a backdoor As we reported on social media recently, Sophos X-Ops has been investigating reports of a fake Claude AI website distributing malware. Like other researchers, we thought this might be a PlugX-like campaign, given that the attack chain shares several characteristics with observed PlugX attacks.

How AI-accelerated threat discovery is reshaping network security As vulnerabilities are discovered faster than ever, organizations must rethink how they reduce exposure and contain risk at the network edge. Claude Mythos Preview has reignited debate about AI-driven cyber attacks, but the real shift isn’t what AI finds, it’s how quickly issues at the network edge can turn into impact. This post explores what’s changed and how network security must adapt to keep up.