The Breach News

UK Crypto Companies Linked to Iran Sanctions

Blockchain & Cryptocurrency, Cryptocurrency Fraud, Fraud Management & Cybercrime Also: NodeCordRAT Malware, North Korean QR-Phishing Campaign Rashmi Ramesh (rashmiramesh_) • January 15, 2026 Image: Shutterstock This week, Information Security Media Group highlights significant cybersecurity incidents concerning digital assets. Notably, two U.K. cryptocurrency exchanges face allegations of facilitating Iranian sanctions evasion,…

Read MoreUK Crypto Companies Linked to Iran Sanctions

Victoria Department of Education Data Breach Compromises Student Information – SC Media

Victoria Department of Education Data Breach Exposes Student Information A significant data breach has recently transpired, affecting the Victoria Department of Education, which has potentially compromised sensitive student information. This incident raises serious concerns regarding data security within educational institutions, and emphasizes the ongoing risks associated with cyber vulnerabilities in…

Read MoreVictoria Department of Education Data Breach Compromises Student Information – SC Media

Thousands of Unsecured Openfire XMPP Servers Vulnerable to Critical Flaw

Recent cybersecurity reports indicate that thousands of Openfire XMPP servers remain vulnerable to a serious security flaw disclosed earlier this year. A report from VulnCheck highlights that these servers are unpatched and therefore at risk of being exploited by threat actors. The vulnerability, identified as CVE-2023-32315 and rated with a…

Read MoreThousands of Unsecured Openfire XMPP Servers Vulnerable to Critical Flaw

Cybersecurity Researchers Discover First Known UEFI Rootkit in the Wild

ESET cybersecurity researchers have reported the emergence of what they are calling the first UEFI rootkit actively utilized in the field. This advanced malware permits attackers to embed persistent malicious software within targeted devices, enabling it to withstand complete hard-drive formatting, which poses significant implications for affected organizations. The malware,…

Read MoreCybersecurity Researchers Discover First Known UEFI Rootkit in the Wild

Court Dismisses Investor Lawsuit Regarding CrowdStrike Software Update

Litigation, Standards, Regulations & Compliance Court Dismisses Misstatement Claims in Class-Action Securities Suit Following CrowdStrike Outage Michael Novinson (MichaelNovinson) • January 14, 2026 A federal judge has dismissed a securities fraud lawsuit against CrowdStrike, alleging that the company misrepresented the safety and compliance of its products. The ruling comes after…

Read MoreCourt Dismisses Investor Lawsuit Regarding CrowdStrike Software Update

Gallagher Expands on Cyber Breach and Privacy Responsibilities in Australia

The Office of the Australian Information Commissioner (OAIC) has revealed a significant rise in data breaches attributed to human error, which accounted for 37% of all reported incidents—totaling 193 cases—marking an increase from 29% in the previous reporting period. The regulator underscored a critical insight: the “human factor” remains a…

Read MoreGallagher Expands on Cyber Breach and Privacy Responsibilities in Australia

Cyberattacks Aimed at E-commerce Platforms

In 2023, the rise of cyber attacks targeting e-commerce platforms has accelerated, largely driven by the shift toward omnichannel retail and the proliferation of API interfaces. As threat actors continuously seek to exploit these vulnerabilities, it underscores the critical necessity for regular security testing and real-time monitoring to swiftly identify…

Read MoreCyberattacks Aimed at E-commerce Platforms