Ransomware payments dropped in 2025 as attack numbers reached record levels: Chainalysis
(Jonathan Greig – The Record) The number of ransomware victims paying up to unlock systems is falling significantly even as the total number of incidents increases. Blockchain research company Chainalysis released its annual analysis of the ransomware economy on Thursday, finding that while claimed attacks grew by 50%, victim payment rates dropped to a record low of 28%. Chainalysis tracked about $820 million in payments to ransomware actors in 2025 but noted the figure is expected to rise to $900 million as they attribute more incidents and payments to ransomware gangs. In 2024, the figure was initially tracked as $813 million and eventually grew to $892 million as more payments were discovered. – https://therecord.media/ransomware-payments-chainalysis-cybercrime
After years of government cyber trouble, UK turns to automated scanning to speed fixes
(Alexander Martin – The Record) The British government said Thursday it has slashed the time required to fix some of the most serious cyber vulnerabilities across the public sector, pointing to a new automated monitoring service as evidence that Whitehall is finally getting a grip on long-troubled digital defenses. Called the Vulnerability Monitoring Service, the system operates as a central scanning platform that continuously checks internet-facing systems used by public bodies, from central government departments to health and local authorities, for signs of known security weaknesses. Officials from the Department for Science, Innovation and Technology (DSIT) said the service covers around 6,000 organizations and is leading to about 400 confirmed vulnerabilities being processed and resolved each month. – https://therecord.media/united-kingdom-vulnerability-scanning-cyber
PowerSchool, Chicago Public Schools to settle student data privacy lawsuit for $17 million
(Suzanne Smalley – The Record) The education software company PowerSchool and Chicago Public Schools have agreed to pay $17.25 million to settle a proposed class-action lawsuit that accused them of violating students’ privacy by eavesdropping on their communications, court documents show. The plaintiff, a student identified as Q.J., on Monday asked an Illinois federal judge to approve the proposed settlement and end what the motion called a “first-of-its-kind action that arises out of the alleged unlawful wiretapping of, and eavesdropping upon, school students while they used school-mandated education technology products.” The lawsuit argued that PowerSchool Holdings, its subsidiary Hobsons, Inc. and the analytics firm Heap Inc. collected sensitive personal data about millions of students by covertly recording their communications. – https://therecord.media/powerschool-cps-settle-proposed-class-action
Medical device firm UFP says backup data systems deployed following cyberattack
(Jonathan Greig – The Record) A large medical device manufacturer reported a cyberattack to federal regulators on Tuesday evening, warning investors that some company data was stolen or destroyed. UFP Technologies filed a notice with the Securities Exchange Commission (SEC) explaining that the company discovered a cyberattack on February 14 that required it to isolate some IT systems, launch an investigation and eventually restore data using backups. The company said it initially discovered suspicious activity before calling in assistance from outside cybersecurity experts. – https://therecord.media/ufp-technologies-medical-devices-sec-filing-cyberattack
Chinese prosecutors raise alarm about growth of domestic IP theft
(Alexander Martin – The Record) A senior official at China’s top prosecutorial agency said that Beijing is stepping up criminal enforcement against commercial espionage and technology leaks to protect domestic innovation. Liu Taizong, deputy director-general of the intellectual property department at the country’s top prosecutorial agency, said on Tuesday that prosecutors nationwide are increasing cases involving alleged theft of trade secrets and key technologies, as reported by state media. From 2021 through 2024, authorities handled more than 1,200 business secret infringement cases, Liu said, with another 232 cases in the first 11 months of 2025, adding that enforcement is focusing on sectors including artificial intelligence, biomanufacturing and energy, as officials seek to counter what he described as growing risks of technology leakage. – https://therecord.media/china-domestic-ip-theft-crackdown
Exploitable Vulnerabilities Present in 87% of Organizations
(Phil Muncaster – Infosecurity Magazine) Eighty-seven percent of organizations have at least one exploitable software vulnerability in production, affecting 40% of all services, a new report from Datadog has revealed. The observability and security specialist revealed the findings in its State of DevSecOps Report, which is based on telemetry from tens of thousands of applications and additional datasets. It noted that vulnerabilities are most common in Java services (59%), followed by .NET (47%) and Rust (40%). However, not all CVEs need prioritizing. Datadog claimed that only 18% of critical dependency vulnerabilities stay critical after adjusting the severity score according to runtime and CVE context. – https://www.infosecurity-magazine.com/news/exploitable-vulnerabilities-in-87/
UK’s Data Watchdog Gets a Makeover to Match Growing Demands
(Kevin Poireault – Infosecurity Magazine) A forthcoming update to the UK General Data Protection Regulation (GDPR) is about to introduce major changes in the governance of the Information Commissioner’s Office (ICO). The national data protection regulator will move from a single-leader model – under the status of corporation sole, with a commissioner at its head – to a board-run government agency. This shift is designed to meet the agency’s growing scope and expanding workload and bring more diverse expertise to data protection. Paul Arnold, who has been working at the ICO for the past 28 years, was named the first CEO of the new ICO structure in the summer of 2025. – https://www.infosecurity-magazine.com/news/uk-data-watchdog-ico-makeover/
44% Surge in App Exploits as AI Speeds Up Cyber-Attacks, IBM Finds
(Alessandro Mascellino – Infosecurity Magazine) There has been a 44% increase in cyber-attacks exploiting public-facing applications, IBM X-Force has warned. The newly published 2026 IBM X-Force Threat Intelligence Index report points to missing authentication controls and AI-enabled vulnerability scanning as major drivers behind the spike. Vulnerability exploitation emerged as the leading cause of incidents in 2025, accounting for 40% of cases observed by IBM X-Force. At the same time, active ransomware and extortion groups grew 49% year over year, signalling a more fragmented ecosystem. Publicly disclosed victim counts rose by roughly 12%. – https://www.infosecurity-magazine.com/news/app-exploits-surge-ai-speeds/
Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries
(Pierluigi Paganini – Security Affairs) Google, with industry partners, disrupted the infrastructure of UNC2814, a suspected China-linked cyber espionage group that breached at least 53 organizations in 42 countries. The group has been active since at least 2017, and was spotted targeting governments and global telecoms across Africa, Asia, and the Americas, making it a highly prolific and elusive threat. UNC2814 is likely linked to additional infections in more than 20 other nations. “Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecommunications and government organizations in dozens of nations across four continents,” reads the GTIG’s report. “The threat actor, UNC2814, is a suspected People’s Republic of China (PRC)-nexus cyber espionage group that GTIG has tracked since 2017.” – https://securityaffairs.com/188521/apt/google-gtig-disrupted-china-linked-apt-unc2814-halting-attacks-on-53-orgs-in-42-countries.html
Deputising UK Counter-Cybercrime Operations
(Gareth Mott – RUSI) The paper ‘Exploring Cyber Deputisation: Enhancing UK Cyber Statecraft Against Organised Cybercrime’ examines the potential of deputising private sector entities to conduct disruptive cyber operations against serious and organised cybercrime targeting the UK. Amid escalating cyber threats and constrained public resources, the paper explores the feasibility of a modern-day ‘letters of marque’ approach to bolster the UK’s cyber defence capabilities. Drawing on international comparisons and academic debates, the paper provides a comprehensive analysis of the benefits, risks, and legal considerations of cyber deputisation. – https://www.rusi.org/explore-our-research/publications/insights-papers/deputising-uk-counter-cybercrime-operations



