February 2025 saw significant mergers and acquisitions in the cybersecurity sector, including Sophos’s $859 million acquisition of Secureworks and SolarWinds’ $4.4 billion buyout by Turn/River Capital, among other strategic deals aimed at enhancing security capabilities and market presence.
In 2024, third-party cyber risks accounted for 31% of client claims and ransomware incidents contributed to 61% of all claims, highlighting the growing need for businesses to address vendor vulnerabilities and enhance cybersecurity measures.
Chinese state-sponsored cyber operations have escalated sharply in 2024, with a 150% increase in attacks targeting critical infrastructure, driven by sophisticated tactics and the use of artificial intelligence.
The Open Source Security Foundation has introduced the Open Source Project Security Baseline, a framework designed to establish minimum security standards for open source software and enhance project trustworthiness.
The GhostSocks malware, a variant of Ghost ransomware, exploits long-standing vulnerabilities in various sectors globally, utilizing SOCKS5 for evasion and operating under a Malware-as-a-Service model.
The average time to remediate software security vulnerabilities has surged to 252 days, largely due to reliance on third-party code, leaving 50% of organizations with critical security debt.
