Hello. Palo Alto Networks is in talks to acquire the Israeli cybersecurity provider CyberArk Software in what would mark one of the biggest technology takeovers so far this year, according to people familiar with the matter.

Palo Alto Networks has been on an acquisition hunt, vying to build up a bigger company that can handle a client’s full-range of security needs to better fight threats from artificial intelligence. But it has never done a deal as big as CyberArk. Read the full story. 

Also today: 

• One step closer to getting the skinny on true Salt Typhoon damage
• Minnesota National Guard helps respond to hack on Saint Paul
• High cost of privacy settlement for BJC Health System
• Ransomware threats snowball in oil and gas sector
• And more

• Sen. Ron Wyden (D., Ore.) has advocated for the report's release, last week saying he would block a vote to confirm CISA leader nominee Sean Plankey unless the document came out.
• Further reading from WSJ: How Chinese Hackers Graduated From Clumsy Corporate Thieves to Military Weapons

National Guard to help Minnesota respond to cyberattack. Gov. Tim Walz activited the Guard Tuesday after contending with a weekend of outages and disruptions to municipal services from a cyberattack that began Friday on government systems in state capital Saint Paul. (Bleeping Computer)

• "The scale and complexity of this incident exceeded both internal and commercial response capabilities," Walz's executive order said.
• Emergency services are functioning while public works, online payments and other systems for residents aren't. 

French telecom giant Orange said it expects to begin restoring downed services on Wednesday, after a cyberattack detected Friday disrupted certain systems for both corporate and consumer customers. 

Fermi National Accelerator Laboratory said it stopped an attempted hack of its Microsoft SharePoint servers. The “impact was minimal, with no sensitive or classified data accessed,” said a spokesperson for Fermilab, one of the Energy Department's 17 national labs. (Bloomberg)

• More on the SharePoint problem from WSJ: A Failed Microsoft Security Patch Is the Latest Win for Chinese Hackers

Oil and gas under threat. Ransomware attacks against oil and gas companies jumped more than 900% from April 2024 to April 2025, according to new research from cyber provider Zscaler. Thirty-four new ransomware groups emerged during those 12 months, bringing to 425 the number of ransomware attackers the company monitors. (Cybersecurity Dive)

Missouri healthcare provider settles pixel suit for up to $9.25 million. St. Louis-based BJC Health System agreed to pay an estimated $35 each to patients whose personal and health data was sent to tech and advertising sites including Facebook, Google and SiteScout by tracking software on BJC's website between June 2017 and August 2022.

• Patients sued BJC for sharing their information without consent. The health system denied wrongdoing.
• Henry Ford Health and other care providers have settled similar suits in recent months. (HIPAA Journal)

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten, James Rundle and Catherine Stupp. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.