Information Security

Kaseya announced Tuesday it has acquired trailblazing email security vendor Inky, as the company looks to drive an expansion of its AI-powered capabilities to enable proactive cyber defense.

Among the biggest cybersecurity acquisitions of 2025 are mega-deals by Google and Palo Alto Networks, along with multiple startup M&A deals from CrowdStrike, SentinelOne and Check Point.

Microsoft disclosed Monday that it has observed “active exploitation” of a maximum-severity vulnerability impacting Fortra’s GoAnywhere file transfer platform.

Oracle is linking a recent data extortion campaign targeting E-Business Suite customers to a zero-day vulnerability, with fixes released to address the critical-severity flaw, in contrast to its previous contention that the attacks resulted from unpatched known vulnerabilities.

For CRN’s Cybersecurity Week 2025, we’re looking at big moves in the MDR market this year including major vendor acquisitions and AI-powered product launches.

Scattered Lapsus$ Hunters–a group reportedly made up of members of ShinyHunters, Scattered Spider and Lapsus$–alleges that it has stolen Salesforce user data.

The data extortion campaign targeting Oracle E-Business Suite customers is connected to vulnerabilities addressed by the company in July, Oracle disclosed.

Red Hat confirmed Thursday that data belonging to customers of its consulting division was impacted in the compromise of a Red Hat-managed GitLab instance.

Red Hat disclosed that it has ‘initiated necessary remediation steps’ following a security incident involving a GitLab instance used by its consulting division.

Comparisons abound between the looming shift in encryption required for quantum computing and the circa-1990s preparations for Y2K, but that analogy is only partly right, according to IBM security software leader Suja Viswesan.