Hello. For years, policy experts dismissed proposals to allow private companies to engage in offensive cyber operations as misguided and legally catastrophic. That attitude is changing.

A bright line between state action and private-sector defense isn’t working, advocates for corporate cyber offense say. Hackers keep coming.

The thinking now is that proactive, or even offensive, cyber efforts from government in combination with big companies could help deter serious cyberattacks, WSJ Pro's James Rundle reports. Read our full story.

Correction: The number of U.S. cyber startups that raised seed funding in the October-December quarter rose to 35, up 53% from the same period in 2024, startup-development firm DataTribe said. Roughly 70% of those 35 U.S. cyber startups were in the AI market, the firm said. Wednesday’s newsletter incorrectly said the number of cyber startups that raised seed money in the most recent quarter was more than 1,000 and implied that roughly 700 seed deals went to cyber startups in the AI market.

• Related: Tel Aviv-based Gambit raised $61 million in seed and Series A funding from Spark Capital, Kleiner Perkins and Cyberstarts. 

Tech provider Marquis Software Solutions sued firewall maker SonicWall over a 2025 cyberattack that ultimately breached the data of hundreds of thousands of consumers of Marquis clients. Hackers accessed SonicWall firewall backup files and used them to break into companies that run SonicWall products, including Marquis, according to the suit filed in U.S. District Court for the Eastern District of Texas. (Cyber Express)

• Incident-response firm Mandiant found that the attacks came from a nation-state group. 

The Trump administration told Congress it won’t share with lawmakers the classified intelligence that led to a whistleblower complaint against U.S. spy chief Tulsi Gabbard, citing presidential claims of executive privilege. The intelligence at issue was assembled in a report by the National Security Agency early last year and relates to a conversation two foreign nationals had about Donald Trump’s son-in-law, Jared Kushner. (WSJ)

• Related from WSJ: Gabbard Whistleblower Complaint Based on Intercepted Conversation About Jared Kushner

Medical components company UFP Technologies is investigating a data theft after a Feb. 14 cyberattack disrupted billing and other systems, the Newburyport, Mass.-based firm said in a filing to the U.S. Securities and Exchange Commission.

• UFP, which makes packaging and other medical supplies, expects that “a significant portion” of its incident costs will be recovered through cyber insurance.

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten and James Rundle. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.