Zero-Day Vulnerability Discovered in Apache OfBiz ERP System A serious zero-day vulnerability has been identified in Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. This flaw poses significant risks as it could potentially allow attackers to bypass essential authentication…
Recent research has uncovered four new variants of HTTP request smuggling attacks that pose threats to a range of widely used web and HTTP proxy servers. Amit Klein, Vice President of Security Research at SafeBreach, shared these findings at the…
AI Face-Swapping App Linked to Cybercrime in Southeast Asia The artificial intelligence application Haotian, designed for face-swapping capabilities, has emerged as a major player in the realm of online fraud. This Chinese-language app has reportedly generated millions of dollars by…
Data Breach at Typeform Exposes User Information Typeform, a prominent data collection firm based in Spain, has reported a data breach that has potentially compromised the information of some users. This incident was identified on June 27, prompting the company…
Fraud Management & Cybercrime, Governance & Risk Management, Multi-factor & Risk-based Authentication Practical Steps to Enhance Security and Resilience Sean D. Mack • December 17, 2025 Image: Shutterstock Leaders of small and mid-sized enterprises (SMEs) frequently assert, “We’re too small…
Class Action Settlements in Healthcare Data Breaches In a recent development, three healthcare providers have reached settlements in a class action lawsuit concerning data breaches that compromised sensitive patient information. This agreement reflects a growing concern over patient data security…
Recent research from Ruhr University Bochum has revealed a critical security vulnerability in the Secure Shell (SSH) protocol, which is widely used for secure communications over untrusted networks. The vulnerability, designated as Terrapin (CVE-2023-48795), exhibits a CVSS score of 5.9,…
Emotet Malware: A Case Study in Cybersecurity Countermeasures In a notable development in cybersecurity, research into the Emotet malware—a widely recognized email-based threat responsible for numerous botnet-driven spam and ransomware assaults—has revealed a significant vulnerability. Cybersecurity experts were able to…
In a troubling revelation, Facebook has acknowledged that it provided various technology companies and app developers with continued access to user data, despite its public assertions in 2015 that such access had been curtailed. This admission offers a rare glimpse…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development, The Future of AI & Cybersecurity Experts Warn: AI is Accelerating Sophisticated Cyber Attacks Chris Riotta (@chrisriotta) • December 17, 2025 Image: Shutterstock As emerging technologies reshape the threat landscape,…
