Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

New Sophos survey reveals only 5% of IT leaders say they fully trust their cybersecurity vendors When organizations select a cybersecurity vendor, they’re placing critical operational resilience — people, data, and revenue — into that supplier’s hands. Yet despite this reliance, most organizations lack confidence in the vendors they depend on to keep them secure, according to new Sophos research.

On March 30, 2026, a supply chain security attack targeted Axios, a widely used JavaScript HTTP client for web and Node.js applications. Third-party researchers identified that Axios versions 1.14.1 and 0.30.4 published to the npm registry were compromised following the apparent takeover of a legitimate maintainer account. An attacker published unauthorized package updates that appeared legitimate.

Where AI in the SOC is actually delivering — and where it isn’t“We’ll have a generation of security professionals who can supervise AI but can’t function without it." For all the noise surrounding “agentic AI” in cybersecurity, security operations centers are still wrestling with the same fundamental questions: What does AI genuinely improve today? Where does it fall short? How can organizations tell the difference?

A phishing campaign targeting multiple organizations led to RMM installations – but not much else (yet). A threat actor experimenting, or an access-as-a-service attack underway? Sophos’ Managed Detection and Response (MDR) teams reported on a phishing campaign late last year that attempted to trick users into installing LogMeIn Resolve (formerly GoToResolve), a remote monitoring and management (RMM) tool, to acquire remote unattended access.

Cybercriminals are targeting schools more than ever, drawn by sensitive student and staff data and the chance to disrupt learning. For educators already managing tight budgets and growing digital demands, a single breach can mean days of downtime and lasting reputational damage. Criminals are increasingly attracted by the valuable and sensitive information education establishments hold, and the opportunity to extort payments using ransomware or the threat of breach exposure.

Sophos Firewall ranked the overall firewall solution in G2’s Spring 2026 reports Why organizations are choosing Sophos Firewall to reduce exposure and strengthen resilience When organizations evaluate security products, they want real‑world proof of reliability, protection, and ease of management.

Counter Threat Unit (CTU) researchers continue to investigate trends in Contagious Interview campaign activity conducted by NICKEL ALLEY, a threat group operating on behalf of the North Korean government. The group notoriously targets professionals in the technology sector by advertising fake job opportunities, deceiving prospective candidates through a fake job interview process, and ultimately delivering malware.

On March 20, 2026, Oracle disclosed a critical (CVSS score of 9.8) vulnerability (CVE-2026-21992) impacting two Oracle Fusion Middleware components: Oracle Identity Manager and Oracle Web Services Manager. An unauthenticated attacker could exploit the vulnerability to obtain network access via HTTP and remotely execute code. Critical functions of the products are exposed due to the lack of network-level authentication. As of this publication, there are no reports of active exploitation.

The global CISO landscape: A leadership gap too large to ignore Why the world needs scalable security leadership — and MSPs and MSSPs are key to delivery The 2026 CISO Report, published by Cybersecurity Ventures in partnership with Sophos, highlights a critical imbalance in global cybersecurity leadership. Despite decades of progress and near-universal CISO adoption in Fortune 500 and Global 2000 organizations, there are still only 35,000 CISOs worldwide serving an estimated 359 million businesses.