Sophos Blogs https://www.sophos.com/en-us/blog Latest blog posts and insights from Sophos en-us Microsoft addresses 163 CVEs, 88 advisories for April Patch Tuesday https://www.sophos.com/en-us/blog/april-2026-microsoft-patch-tuesday Following a long-established pattern, the fourth month of the year is one of the cruelest

Categories: X-ops, Threat Research

Tags: Patch Tuesday

]]> Fri, 17 Apr 2026 00:00:00 GMT blt8c8269f0f36d9a78 QEMU abused to evade detection and enable ransomware delivery https://www.sophos.com/en-us/blog/qemu-abused-to-evade-detection-and-enable-ransomware-delivery The use of hidden virtual machines (VMs) enables long-term access, credential harvesting, data exfiltration, and PayoutsKing ransomware deployment

Categories: Threat Research

Tags: virtual machine, QEMU, PayoutsKing, GOLD ENCOUNTER, CitrixBleed2

]]> Thu, 16 Apr 2026 00:00:00 GMT blt0e1e2d411d4d672c Secure by Design: Building cybersecurity into the foundation https://www.sophos.com/en-us/blog/building-cybersecurity-into-the-foundation An explainer of why this philosophy matters and how it reduces attack surface from the inside

Categories: Sophos Insights, Products & Services

Tags: Secure by Design, Thought Leadership

]]> Wed, 15 Apr 2026 00:00:00 GMT blt703810e529791e33 We let OpenClaw loose on an internal network. Here’s what it found https://www.sophos.com/en-us/blog/we-let-openclaw-loose-on-an-internal-network-heres-what-it-found Following our article on the challenges posed by agentic AI, we gave OpenClaw access to one of our legacy networks

Categories: Threat Research

Tags: OpenClaw, LLM, AI, penetration testing, Red Team, CISO, Sophos X-Ops

]]> Thu, 09 Apr 2026 00:00:00 GMT bltb7fb3b55650cde52 The vulnerability flood is here. Here’s what it means – and how to prepare https://www.sophos.com/en-us/blog/vulnerability-flood-is-here We can't control the pace of AI-driven vulnerability discovery, but we can control how fast we respond.

Categories: Sophos Insights

Tags: LLM, AI, Exploit, vulnerability, Active Adversary, Pacific Rim

]]> Thu, 09 Apr 2026 00:00:00 GMT bltb2f3596f1b625ce7 Adobe Reader zero-day vulnerability in active exploitation https://www.sophos.com/en-us/blog/adobe-reader-zero-day-vulnerability-in-active-exploitation Categories: Threat Research

Tags: advisory, vulnerability, Adobe Reader

]]> Thu, 09 Apr 2026 00:00:00 GMT bltf5d876929c0ae5e8 Is compliance complexity outpacing IT capacity? https://www.sophos.com/en-us/blog/is-compliance-complexity-outpacing-it-capacity No matter the country, industry, or company size, IT and cybersecurity teams report a heavy regulatory load and worry about staying aligned with requirements

Categories: Products & Services

Tags: CISO, Compliance

]]> Wed, 08 Apr 2026 00:00:00 GMT blt0609c49a56770a57 Sophos named a 2026 Gartner® Peer Insights™ Customers' Choice for Managed Detection and Response https://www.sophos.com/en-us/blog/sophos-gartner-peer-insights-mdr Third consecutive time being named a Customers’ Choice for MDR

Categories: Products & Services

Tags: Gartner, Gartner Peer Insights, MDR, Sophos MDR, Third-Party Reviews

]]> Fri, 03 Apr 2026 00:00:00 GMT blt04b582b253776e2c Amazon GuardDuty enhances detection efficacy with Sophos threat intelligence https://www.sophos.com/en-us/blog/sophos-amazon-guardduty Amazon has integrated Sophos threat intelligence into Amazon GuardDuty, expanding the breadth and accuracy of malicious threat detection for customers running workloads on Amazon Web Services (AWS).

Categories: Products & Services

Tags: AWS, Sophos Intelix, amazon, Amazon GuardDuty, Sophos OEM

]]> Thu, 02 Apr 2026 00:00:00 GMT blt91e5d2c9b52d416d