
Matt Wixey
Matt Wixey is a Principal Technical Editor and Senior Threat Researcher at Sophos. He is a former penetration tester, and previously led cybersecurity R&D capabilities at both PwC UK and a specialist unit in the Metropolitan Police Service, digging into emerging attack vectors, vulnerabilities, and new technologies. Matt has spoken at national and international conferences, including Black Hat USA, DEF CON, ISF Annual Congress, 44con, and BruCon.
Content by Matt Wixey

Threat Research
Claude
Beagle
Backdoor
malvertising
AI
DONUT
DLL sideloading
Sophos X-Ops
Donuts and Beagles: Fake Claude site spreads backdoor
May 7, 2026

Threat Research
MacOS
infostealer
clickfix
MacSync
Social engineering
Evil evolution: ClickFix and macOS infostealers
March 11, 2026

Threat Research
Ransomware
Hive
Lockbit
BlackCat
LLM
AI
Money Laundering
Laughter in the dark: Tales of absurdity from the cyber frontline and what they taught us
January 13, 2026

Threat Research
Asyncrat
Backdoor
Cybercrime Forums
Featured
Lumma Stealer
Sophos X-Ops
The strange tale of ischhfd83: When cybercriminals eat their own
June 4, 2025

Threat Research
CVSS
Patch Tuesday
patching
Sophos X-Ops
Prioritizing patching: A deep dive into frameworks and tools – Part 2: Alternative frameworks
December 30, 2024

Threat Research
CVSS
Patch Tuesday
patching
Sophos X-Ops
Prioritizing patching: A deep dive into frameworks and tools – Part 1: CVSS
December 27, 2024

Threat Research
AuKill
BlackByte
BYOVD
Cybercrime Forums
drivers
Featured
Ransomware
Sophos X-Ops
terminator
zam
It’ll be back: Attackers still abusing Terminator tool and variants
March 4, 2024

Threat Research
Akira
anti-ransomware
CryptoGuard
Featured
Intercept X
Lockbit
Ransomware
Remote Ransomware
Sophos X-Ops
CryptoGuard: An asymmetric approach to the ransomware battle
December 20, 2023

Threat Research
Featured
fileless malware
memory scanning
process injection
Sophos X-Ops
Memory scanning leaves attackers nowhere to hide
November 9, 2023