Targeted Phishing Campaign Hits Ledger Users Following Global-e Breach A new phishing campaign is currently targeting users of Ledger, the leading hardware wallet provider, following a significant data breach at Global-e, a third-party e-commerce company associated with Ledger. The attack…
Atlassian has announced critical updates to address a severe zero-day vulnerability impacting publicly available Confluence Data Center and Server instances. The flaw, identified as CVE-2023-22515, poses a significant security risk as it can be exploited remotely by attackers to create…
In a significant cybersecurity case, a 20-year-old college student has pleaded guilty to stealing over $5 million in cryptocurrency through the illicit practice known as SIM swapping. Joel Ortiz, arrested last year, exploited this technique to target approximately 40 victims,…
In a significant escalation of cybersecurity threats, 2016 has emerged as a watershed year for data breaches, impacting numerous high-profile companies and compromising over a billion user accounts globally. Most recently, Weebly and Foursquare fell prey to these cyber incidents,…
Endpoint Security, Governance & Risk Management, Internet of Things Security FCC Lacks Leadership for Cyber Trust Mark Program Following UL Solutions’ Withdrawal Chris Riotta (@chrisriotta) • January 6, 2026 The recent withdrawal of the FCC’s lead administrator for its consumer…
Ledger, the prominent provider of crypto hardware wallets, has reported a security breach involving its third-party payment processor, Global-e. This incident has led to the exposure of customer names and contact details. Although the exact number of affected customers remains…
On Wednesday, Apple released critical security updates aimed at mitigating a recently identified zero-day vulnerability in both iOS and iPadOS. This flaw, designated as CVE-2023-42824, is reportedly being exploited in the wild, raising alarm for users and businesses alike. The…
This week, VFEmail.net, a U.S.-based secure email provider, reported a catastrophic data breach that resulted in the complete loss of user data and backups. The attack, executed by unidentified hackers, devastated the company’s infrastructure, erasing nearly two decades of information…
A recent indictment by U.S. authorities has identified 29-year-old Russian national Yevgeniy Aleksandrovich Nikulin as the perpetrator behind significant data breaches affecting LinkedIn, Dropbox, and the now-defunct social network Formspring. This announcement follows the successful arrest of Nikulin by the…
Critical Infrastructure Security, Governance & Risk Management, Operational Technology (OT) Geopolitical Tensions Heighten Risk to Operational Technology from State Actors and Cybercriminals Tony Morbin (@tonymorbin) • January 6, 2026 Cyberattacks on critical infrastructure, especially against operational technology systems, are forecasted…
