TRM Labs Raises $70M Series C for AI Crime-Fighting Push

Michael Novinson • February 4, 2026

TRM Labs has secured $70 million in Series C funding led by Blockchain Capital reaching a $1 billion valuation. CEO Esteban Castano says the money will boost AI-powered investigations, compliance automation and intelligence as criminals use AI to scale cybercrime faster than defenders can respond.

Access Management

Barracuda CEO Bets on AI, Simplicity for Midmarket Defense

Latest

Artificial Intelligence & Machine Learning

How SCSU Is Rebuilding Campus Technology for the AI Era

Jennifer Lawinski • February 4, 2026

Like other schools, Southern Connecticut State University is under pressure to modernize legacy systems, strengthen security and adopt AI. CIO Tom Armstrong must balance expanding research ambitions, student expectations and operational efficiency in an increasingly complex risk environment.

Cybercrime

Harvard, UPenn Data Leaked in ShinyHunters Shakedown

Mathew J. Schwartz • February 4, 2026

Harvard University has been named as a victim and doxed by hack-and-leak group ShinyHunters, apparently as a result of the cybercrime group's ongoing "live phishing" attacks that often attempt to trick IT help desks into giving attackers direct access to a victim's network and cloud-based data.

Fraud Management & Cybercrime

Victims Are Rebuffing Ransomware Mass Data Theft Campaigns

Mathew J. Schwartz • February 4, 2026

Once lucrative steal-and-leak campaigns pioneered by Russian ransomware group Clop look set to go the way of the dinosaurs. While an estimated 25% of victims paid a ransom in the inaugural campaign five years ago, the number of victims that paid fell to zero by 2023, report ransomware responders.

HIPAA/HITECH

Questions Loom Ahead of Substance Abuse Privacy Rules Shift

Marianne Kolbasuk McGee • February 4, 2026

As the compliance deadline quickly approaches for changes to align the federal rules for the confidentiality of substance use disorder records with HIPAA, entities that participate in so-called Part 2 programs still face critical unanswered questions, said attorney Aleksandra Vold of BakerHostetler.

Standards, Regulations & Compliance

White House Nixes Biden-Era Software Security Rules

Chris Riotta • February 3, 2026

The White House rescinded two key software security policies requiring vendors to attest to secure development practices, citing excessive compliance burdens - but analysts warn the move risks weakening federal software assurance without strong, agency-level replacements.

Audit

HHS Audit Flags Web App Security Gaps at Large Hospital

Marianne Kolbasuk McGee • February 3, 2026

Security weaknesses in web-facing apps used at a large U.S. hospital could leave the facility's IT systems and sensitive patient information vulnerable to cyberattacks, found federal auditors. Those same problems also haunt many other healthcare entities, experts said.

Cyberwarfare / Nation-State Attacks

Compromise of Notepad++ Equals Software Supply Chain Fallout

Mathew J. Schwartz • February 3, 2026

The widely used, open source text-editing software Notepad++ for Windows said attackers exploited a vulnerability to redirect some users to sites that pushed a backdoor onto their system. Security experts have tied the attack to a broader campaign perpetrated by Chinese nation-state actors.

Agentic AI

A 24% Success Rate for AI Agents - Is That Acceptable?

Rahul Neel Mani • February 3, 2026

AI agents are quickly moving from experimental demos to enterprise pilots, and they're already being used for tasks such as financial analysis, document review and drafting. But as AI gains momentum, one question goes largely unanswered: How can we measure the effectiveness of AI agents?

Governance & Risk Management

NSA Tells Feds: Zero Trust Must Go Beyond Login

Chris Riotta • February 2, 2026

The National Security Agency's new zero trust guidance instructs agencies to move beyond login-based security by continuously assessing user behavior and app-layer activity in real time, aiming to close gaps that allow post-authentication abuse and elevate federal defenses against modern threats.

Data Breach Notification

Transparency in Decline as Data Breaches Hit New High

Anna Delaney • February 2, 2026

The Identity Theft Resource Center tracked a record 3,322 U.S. data breaches in 2025, more than any previous year. Yet, only 30% of breach notices included actionable details that other defenders need. ITRC's James Lee warns that this lack of transparency puts people and businesses at greater risk.

Data Security

Capital Health to Pay $4.5M in LockBit Breach Settlement

Marianne Kolbasuk McGee • February 2, 2026

Capital Health, which operates hospitals and other facilities in New Jersey and Pennsylvania, agreed to pay $4.5 million to settle consolidated class action litigation involving a 2023 LockBit ransomware and data theft attack affecting more than a 500,000 patients and employees.

Artificial Intelligence & Machine Learning

Ex-Google Engineer Convicted of Stealing AI Data for China

Rashmi Ramesh • February 2, 2026

A federal jury in San Francisco convicted a former Google software engineer of stealing thousands of pages of confidential AI data and transferring it to Chinese technology companies. Linwei Ding is guilty of seven counts of economic espionage and seven counts of trade secret theft.