News
BeyondTrust’s Privilege Management Capabilities Now Support Linux Desktops and Azure Active Directory

BeyondTrust has announced key enhancements to BeyondTrust Privilege Management for Unix and Linux and BeyondTrust Active Directory Bridge to help customers defend against growing Linux threats. In 2022, 100% of the world’s top 500 supercomputers and 96.3% of the world’s top one million servers ran on Linux. Linux systems are not immune to cyberattacks and present high-value targets for external attackers and malicious insiders. They are widely used for critical business functions, so a successful compromise has a much greater impact.
Gaining root or other privileged credentials makes it easy for malicious actors to remain undetected while accessing sensitive systems and data. To protect against malicious activities, many enterprises use sudo (superuser do) to manage privileges in their Linux workstations. However, sudo lacks central storage and administration of policy files, secure and efficient ways to distribute policy files over multiple systems, native protection of the integrity of generated logs, and provision for remote login to remote servers. These severe limitations create security blind spots and decrease productivity and ease of management of Linux systems.
BeyondTrust Privilege Management for Unix and Linux enables admins to easily set up policies that allow and deny actions and use policy-based controls to elevate privileges as needed. In its latest release, the solution integrates natively with sudo via the Sudo Manager feature. With this integration, users now have:
- Central storage and administration of sudoers policy files
- A secure and efficient way of distributing sudoers policy files over multiple systems
- Native protection of the integrity of generated logs
- Provision for remote login to remote servers
- Centralized searching, analytics, and reporting
- A web-based management platform
This native integration gives customers unprecedented granular control over Linux workstations through centrally managed sudo policies while extending protection to their entire Linux estate.
BeyondTrust’s extended support for Azure AD
Many organizations have moved to Azure AD to accelerate the adoption of cloud resources and easily integrate SaaS applications into their security infrastructure. To support customers’ cloud migration journeys, BeyondTrust Active Directory Bridge now enables users to authenticate to an Azure AD tenant in addition to Active Directory in a hybrid mode. With this capability organizations can leverage a seamless single sign-on (SSO) experience using their existing Active Directory infrastructure, reducing management complexity and improving the organization’s identity security posture.
BeyondTrust AD Bridge enables customers to leverage their existing investment in Active Directory to consistently manage and secure on-premises and cloud-based Linux resources. Extending familiar and effective Active Directory controls and policies to Linux enables organizations to unify their environments and drive consistency to support governance and compliance.
Support for Kibana Dashboards
BeyondTrust Privilege Management for Unix and Linux now also includes an Elasticsearch SIEM integration that brings a unified visual search experience. Customers can index log data from Privilege Management for Unix and Linux and Active Directory Bridge into Elastic, along with other log sources, to analyze and visualize data more efficiently through dashboards, charts, or built-in apps. This enhanced visual experience helps teams be more precise and efficient, and act quickly on potential remediations. Kibana dashboards can also be leveraged to improve defense capabilities, to better detect suspicious and abnormal activities, and to automate analytics to address compliance requirements.
“By integrating BeyondTrust Privilege Management for Unix and Linux and BeyondTrust Active Directory Bridge with Elasticsearch, we provide a unified search experience for admins to quickly and easily find everything they need,” said Sam Elliot, Senior Vice President of Product Management at BeyondTrust. “Together with the other expanded capabilities, BeyondTrust solutions further enable our customers to achieve their security goals with the least privilege enforcement that doesn’t slow down end users.”
BeyondTrust Privilege Management for Unix and Linux 22.3 is now available.
News
Sophos Completes Secureworks Acquisition

Sophos and Secureworks have announced the completion of Sophos’ acquisition of Secureworks. The all-cash transaction values Secureworks at approximately $859 million. With the completion of the acquisition, Secureworks’ common stock has ceased trading on Nasdaq. Thoma Bravo, a leading software investment firm, backs Sophos.
With this acquisition, Sophos is now the leading pure-play cybersecurity provider of Managed Detection and Response (MDR) services, supporting more than 28,000 organizations of all sizes worldwide. The combination will enable Sophos to deliver an unparalleled security operations platform, featuring hundreds of built-in integrations for adaptive protection, detection and response for mitigating cyberattacks. The open and scalable platform helps organizations, especially those with diverse IT estates, safeguard current and future technology investments, providing greater operational efficiencies and return on cybersecurity spend. Sophos X-Ops is also expanding its threat intelligence and security services capabilities by adding the Secureworks Counter Threat Unit and security operations and advisory teams.
As a channel-first cybersecurity provider, Sophos remains unwavering in its commitment to delivering cutting-edge security services and technologies that empower our global community of resellers, Managed Service Providers (MSPs) and Managed Security Services Providers (MSSPs). This includes expanding their reach, enhancing operational scalability and providing stronger defences to the countless organizations that need the ability to effectively defend against today’s constant and complex cyberattacks.
“The market is embracing MDR as a clear means to deliver positive cybersecurity outcomes, and this has meant rapid growth in the category,” said Joe Levy, CEO, Sophos. “Sophos is differentiated by our very mature competencies in ransomware detection, malware analysis and threat actor tradecraft. These defences are further augmented by Sophos’ native artificial intelligence (AI), first innovated by our globally peer-recognized AI team nearly a decade ago, and embedded in our MDR, endpoint, network, email, and cloud security to more effectively neutralize and stop threats. With the integration of Secureworks, our expanded services and product portfolio will provide even stronger end-to-end security solutions that will include identity threat detection and response (ITDR), next-gen SIEM and managed risk, all in a single open platform. We will also be able to further advance our AI, threat intelligence and attack research through more diverse and deeper global telemetry that is analyst-tuned for the real world. At every level, we are very excited about this next accelerated chapter for Sophos.”
In the near term, Sophos and Secureworks are operating business as usual, working with our respective channel partners, MSPs and MSSPs worldwide to distribute our existing security services and technology. Both companies’ sales and customer experience groups will operate to support existing customers, assist with renewals and develop current and new business opportunities. Sophos protects more than 600,000 customers worldwide with its portfolio of MDR, endpoint, network, email, and cloud security solutions that integrate and adapt to provide real-time defence through the Sophos Central platform.
Under the terms of the agreement, Sophos acquired Secureworks in an all-cash transaction valued at approximately $859 million. Secureworks shareholders, including Dell Technologies, will receive $8.50 per share in cash. This represents a 28% premium to the unaffected 90-day volume-weighted average price (VWAP). Kirkland & Ellis LLP acted as legal counsel to Sophos; Goldman Sachs & Co. LLC, Barclays, BofA Securities, HSBC Securities (USA) Inc., and UBS Investment Bank acted as financial advisors and provided debt financing for the transaction. Piper Sandler & Company and Morgan Stanley & Co. LLC acted as financial advisors to Secureworks, and Paul, Weiss, Rifkind, Wharton & Garrison LLP acted as legal counsel.
Artificial Intelligence
DeepSeek Popularity Exploited in Latest PyPI Attack

The Supply Chain Security team at Positive Technologies’ Expert Security Center (PT ESC) discovered and neutralised a malicious campaign in the Python Package Index (PyPI) repository. This attack was aimed at developers, ML engineers, and anyone seeking to integrate DeepSeek into their projects.
The attacker’s account, created in June 2023, remained dormant until January 29, when the malicious packages deepseeek and deepseekai were registered. Once installed, these packages would register console commands. When these commands were executed, the packages began stealing sensitive user data, including information about their computers and environment variables often containing database credentials and access keys to various infrastructure resources. The attackers used Pipedream, a popular developer integration platform, as their command-and-control server to receive the stolen information.
Stanislav Rakovsky, Head of Supply Chain Security at PT ESC, explained, “Cybercriminals are always looking for the next big thing to exploit, and DeepSeek’s popularity made it a prime target. What’s particularly interesting is that the malicious code appears to have been generated with the help of an AI assistant, based on comments within the code itself. The malicious packages were uploaded to the popular repository on the evening of January 29.”
Given the heightened interest in DeepSeek, this attack could have resulted in numerous victims if the malicious activity had gone unnoticed for longer. Experts at Positive Technologies strongly recommend being more attentive to new and unknown packages.
Artificial Intelligence
SentinelOne to Spotlight AI-Driven Cybersecurity at LEAP 2025

SentinelOne has announced its participation at LEAP 2025, alongside its distributor, AlJammaz Technologies. The company will showcase its AI-powered cybersecurity solutions including advanced EDR, XDR, and ITDR solutions designed to deliver autonomous protection against evolving cyber threats.
SentinelOne’s solutions align with the Kingdom’s strategic priorities by offering proactive AI-driven protection for critical infrastructure, enterprises, and government entities. The company’s Singularity platform, known for its real-time, AI-driven threat detection, response, and prevention, will be at the centre of its presence at the exhibition. The platform enables enterprises to protect their endpoints, cloud environments, and identity layers, allowing them to innovate confidently amidst evolving cyber threats.
Speaking on their participation, Meriam ElOuazzani, Senior Regional Director, META at SentinelOne, said, “Cybersecurity remains central to progress with Saudi Vision 2030’s digital leadership and economic goals, and our solutions empower businesses to outpace evolving threats and fuel growth. By participating at LEAP, we aim to engage with key stakeholders in the tech ecosystem, explore new partnerships, and demonstrate how our solutions are reshaping workforce capabilities and the future of digital resilience.”
SentinelOne’s AI strategy focuses on delivering autonomous, real-time protection by leveraging machine learning and behavioural AI. This ensures businesses can detect, mitigate, and remediate cyberattacks faster and more effectively than traditional solutions. Senior executives from SentinelOne will be onsite at the AlJammaz Executive Lounge in Hall 1 to share insights on AI-driven security strategies and the future of autonomous cybersecurity. Visitors can also experience live demonstrations of the Singularity platform.