Bending Spoons remains largely unknown, even as its portfolio of products has served more than a billion people.

Learn more about Netflix's acquisition of Warner Bros., considered the most historic megadeal in Hollywood, as it continues to develop.

Before everyone sharpens their knives, consider that for the VCs who backed Brex at its outset, the sale is a triumph.

However, the streaming giant is still offering the same $27.75 the companies had agreed on for WBD's movie studio and streaming assets, and the deal continues to value the company at $82.7 billion.

Seattle-area startup Included announced Wednesday that it has been acquired by Phenom, a global human resources company based in Pennsylvania. Terms of the deal were not disclosed.

Included launched five years ago in the wake of George Floyd’s murder and the widespread move by companies nationwide to better support racial and ethnic diversity throughout their operations. The startup initially focused its data analytics on DEI-related efforts, but expanded to support employee retention and engagement, faster hiring timelines, and managing performance evaluations.

Raghu Gollamudi, Included’s co-founder and CEO, called the acquisition “a major accelerator for our vision.”

“By integrating Included into Phenom’s Applied AI platform, we’ll bring more Native AI and Agentic AI into people analytics — so teams can move from static dashboards to insights that are timely, actionable, and embedded in how work actually happens,” Gollamudi said on LinkedIn.

Included has less than 15 employees, according to LinkedIn data. Jennifer Lyons, spokesperson for Phenom, said via email that “a majority of Included employees have become Phenom employees.”

She added that Included will not continue as a standalone brand. “Phenom has a successful history of natively integrating acquisitions into our broader Applied AI platform,” she said. “This approach helps existing customers of both companies succeed.”

Included was created by a trio of co-founders:

• Gollamudi, who won Startup CEO of the Year at the 2022 GeekWire Awards, previously co-founded privacy tech startup Integris Software, which sold to OneTrust in 2020. Earlier in his career, he was a principal development lead at Microsoft for nine years.
• Chandan Golla, the company’s chief product and customer officer, was vice president of products at Integris and worked at eBay for more than a decade.
• Laura Close, the startup’s chief business development officer, previously worked in career consulting and in support of labor organizations. Close is now CEO of Close Cohen, a job search and executive coaching firm.

Included raised $7.3 million from investors that include FlyingFish, SignalFire, Ascend, Trilogy Equity Partners and Alumni Ventures.

While Phenom would not provide details on the deal, Lyons said, “Investors are pleased.”

Editor’s note: Story updated Jan. 15 to correct the funding total and include comments from Phenom regarding the status of former Included employees, Included’s integration and investor response.

AI health records startup Torch will be using its tech for OpenAI's new ChatGPT Health, according to co-founder Ilya Abyzov.

As two major streaming platforms — Warner Bros. and Netflix — prepare for a merger, concerns continue to be voiced about the implications of the deal, which represents more consolidation in the media business.

The bid comes from Quantum Computing Inc., which already lined up to buy Luminar's semiconductor division. Luminar founder Austin Russell has also expressed interest.

Significant cybersecurity M&A deals announced by Akamai, Red Hat, Checkmarx, Silent Push, and ServiceNow.

The post Cybersecurity M&A Roundup: 30 Deals Announced in December 2025 appeared first on SecurityWeek.

The total disclosed value for all the cybersecurity M&A deals announced in 2025 exceeded $84 billion.

The post 8 Cybersecurity Acquisitions Surpassed $1 Billion Mark in 2025 appeared first on SecurityWeek.

A Kirkland, Wash.-based tech company is suing its New York-based acquisition advisor, alleging it was pushed into a $5.2 million acquisition that was supposed to generate $1 million annually but has instead required ongoing cash infusions just to stay afloat.

The lawsuit, filed on behalf of SmarTek21, a longtime technology consulting services firm, accuses TGP GP Management of “egregiously defective due diligence” in its May 2025 acquisition of IT Avalon, another U.S.-based tech consulting company.

According to the complaint, Tortuga Growth Partners, a New York-based private equity firm, acquired a minority stake in SmarTek21 in 2024. Its affiliate, TGP GP Management, a management and acquisition advisory firm, entered into an agreement to advise SmarTek21 on acquisitions and related matters.

TGP responded in a statement: “TGP strongly disputes the allegations in this complaint and stands by the comprehensive due diligence process conducted for the IT Avalon acquisition.”

The lawsuit was filed Dec. 18 in King County Superior Court in Seattle by Totem Lake Investments II, the majority owner of SmarTek21. Totem Lake Investments is led by SmarTek21 CEO Alkarim Lalji. The suit seeks at least $6 million in damages, plus punitive damages and other relief.

According to the complaint, TGP almost immediately began pressuring SmarTek21 to acquire IT Avalon, as a complementary business that would augment SmarTek21’s existing model and diversify its customer base. The suit says TGP represented that IT Avalon would generate at least $1 million annually in free cash flow, before other benefits from the combination.

The complaint alleges that TGP’s principal Ashray Prasad dismissed concerns raised by SmarTek21 executives about IT Avalon’s deteriorating finances in the days before closing. According to the suit, Prasad repeatedly called Lalji urging him to close the deal — placing many of these calls while Lalji was undergoing treatment for a serious medical condition.

The lawsuit alleges TGP pursued the IT Avalon acquisition out of “enthusiasm for transaction fees, publicity, and the appearance of quick deal-making.”

According to the suit, IT Avalon’s revenue had been declining since 2022, and its operating income had dropped significantly, while its vendor relationships deteriorated.

TGP structured the deal so that any working capital shortfall would be offset against future earnout payments to IT Avalon’s sellers. But that proved worthless, the suit alleges, because IT Avalon had almost no chance of hitting the revenue targets that would trigger those payments.

In its statement, TGP disputed these claims.

“IT Avalon is a strong technology business with valuable client relationships,” it said. “The combined entity now benefits from an expanded client base, talented personnel, and a robust pipeline of opportunities. We intend to vigorously defend against these baseless claims.”

The dispute illustrates the complicated nature of private equity-led technology roll-up strategies, in which smaller companies are combined to create larger platforms.

The acquisition of IT Avalon in May was the second in six months for SmarTek21, following its earlier combination with Retro Rabbit, a South Africa-based product design firm, according to a press release by Tortuga Growth Partners announcing the IT Avalon deal at the time.

“We are building a category-defining platform,” said TGP’s Prasad, who is also a member of SmarTek21’s board of managers, in the press release. He added that the completion of the second acquisition over that time frame reflected “the momentum behind SmarTek21’s growth.”

According to the company’s public materials, SmarTek21 provides product engineering and enterprise software services to Fortune 250 clients in industries including financial services, healthcare, and telecom. It says it has more than 650 associates across the U.S., India, and South Africa.

IT Avalon, founded in 2012, provides technology consulting services to clients in financial services, healthcare, gaming, and hospitality. The May press release announcing the deal described the company as having a 95% client retention rate.

Lalji and SmarTek21 did not respond to requests for comment. See the full complaint below.

SmarTek21 v. TGP Management by GeekWire

Seattle-based mental health startup Joon Care has been acquired by Handspring Health, a New York-based health tech company. Terms of the deal were not disclosed.

“The acquisition is a major step toward building the most clinically rigorous and digitally engaging platform for youth and family mental healthcare in the country,” said Sahil Choudhry, co-founder and CEO of New York-based Handspring, in a LinkedIn post.

Joon launched in 2019 to provide online care for teens and young adults, pairing digital tools with virtual therapy sessions. The company serves patients 13- to 26-years-old who need help with anxiety, depression, disordered eating, sexual and gender identity, academic problems and other challenges. The course of therapy typically runs 16 weeks. The company’s program emphasizes its use of evidence-based care strategies and patient assessments to track progress.

Joon spun out of Seattle’s Pioneer Square Labs (PSL) and raised an initial $3.5 million round in 2020. Two years ago, it announced an additional $6 million investment, which would provide two to three years of operations, CEO Emily Pesce said at the time.

Handspring said in a press release that it would be integrating the companies’ “expert teams,” but did not say if all of Joon’s employees would be retained. The company has roughly 50 employees, based on information on LinkedIn.

GeekWire reached out to Pesce and will update the story if we hear back.

Handspring launched in 2021 and has raised $18.2 million, according to PitchBook. It also provides virtual therapy and online support, serving a slightly larger demographic with patients from 8- to 29-years-old.

Both companies operate multi-state platforms. Joon is licensed to provide care in Washington, Oregon, California, Texas, New York, Delaware and Pennsylvania. Its treatment is covered by 16 insurance companies, according to its website, and includes national giants Aetna and UnitedHealthcare.

Joon also launched a partnership in 2023 with the City of Seattle to provide free care to clients who are referred to the startup through the city’s human services programs. The collaboration appears to be ongoing, and Handspring said it would continue serving families under Joon’s existing contracts with government agencies, as well as treatment covered by insurance companies.

Pesce was a finalist for Startup CEO of the Year at the 2023 GeekWire Awards.

More consolidation is afoot in the world of cybersecurity. Bitsight, a cybersecurity startup last valued at $2.4 billion when ratings firm Moody’s took a stake in the business and became its largest shareholder in 2021, is acquiring Cybersixgill for $115 million. Boston-based Bitsight’s focus is cyber risk management. It works with enterprises to assess their […]

What You Should Consider Before Launching a Security Test for Your Third Parties and Vendor

A paradox of cybersecurity’s function in business is that businesses provide value by creatively sharing and using information, but cybersecurity benefits from less sharing and access to data. 

This holds doubly true in the area of third-party security for large organizations that must adhere to stricter regulations, such as banks and government agencies. It is nearly impossible to conduct business without frequently and openly sharing valuable information with, or via, third parties. 

Drug developers rely on clinical research partners for essential data. Banks exchange information with credit agencies, other banks, regulators and more. All of this drives software development and infrastructure changes constantly, and some percentage of those changes introduce security vulnerabilities that are detected late in the process, which poses risk for the organizations. 

Many feel that they get more security “bang-for-the-buck” through third-party testing—testing the software of others. A 2022 study by the Ponemon Institute found that while 75% of respondents are concerned about the risk of ransomware linked to third parties, only 36% of organizations evaluate their own security and privacy practices. An earlier 2019 Ponemon study found that if it were a third party that caused a data breach, the cost increased by more than $370,000 (raising it to $4.3 million). Shoring up third-party defenses clearly has benefits for multiple parties (and your customers).

How Synack Customers Test Third Parties

Synack has seen customers try different approaches for testing third parties. Tests are either 1) encouraged, 2) required or 3) coordinated. 

In the first model, third parties are strongly encouraged to get a security test from Synack and share the results with their partner, usually the larger of the two companies. It’s not forced; ultimately, it’s up to the third party to decide if their relationship benefits from a security test. 

In the second model, security testing is a requirement for a relationship to be contractually completed. Finally, the Coordinated Testing model is the one Synack sees growing the fastest. In this model, the larger company with several third parties to test purchases tests on behalf of other companies and mandates testing. Usually, they specify the testing intensity as well, by choosing a basic Synack test or a more comprehensive offering. This secures testing resources and makes it easier to share data via a testing platform built for it. 

Issues to Consider when Testing Third Parties

Whichever model you prefer, there are several things to consider. First, what is the chargeback model, if any, for security tests? Does the third party pay, the first party or someone else? Does the payment happen up front or in a later, internal accounting?  The latter helps execute testing faster, which is ultimately what many companies want to reduce risk earlier.

Next, what legal agreements need to be in place? All Synack customers have clear contracts with Synack that cover testing. In some cases, an identical contract is needed with a third party, but more frequently, it’s a simpler agreement. Consult with your legal team to find the simplest but most effective way to expand testing on your assets, regardless of where they reside. 

Finally, there is information sharing. Do vulnerabilities found on a third party get reported to the primary party? In most cases, the primary party simply wants to know that vulnerabilities are not present, which can be done with patch verification reports. Synack’s robust role-based access control system and reporting allow for any choice along this spectrum to be securely shared according to the wishes of the companies. Information can be shared via a final report, access to the Synack Portal (with real-time information about testing efforts and results) or both.

Whatever you choose, third-party security testing to clean up potential vulnerabilities advances the ultimate goal for many companies: safer users and data. 

The post 3 Approaches to Security Testing for Third Parties appeared first on Synack.

You can begin intelligence-driven investigation and evaluation much earlier without needing network access or information sharing.