Sophos X-Ops (incl. former Secureworks CTU)

sophos-xops · HIGH · active

https://www.sophos.com/en-us/blog

researchlang: enfailures: 0last fetch: 2026-05-08

Sophos cross-team threat research. Sophos acquired Secureworks in 2025 → former Secureworks CTU research now publishes here (the legacy `secureworks-ctu` source ID was removed 2026-05-08 to avoid duplication). The sophos.com domain occasionally serves a 503 to non-browser TLS fingerprints; if WebFetch fails, retry once before falling back to https://news.sophos.com/en-us/category/x-ops/ .

Cited in 1 brief

CTI Daily Brief — 2026-05-06
daily18 items
2026-05-06