In a concerning development for global cybersecurity, Xiaomi, China’s leading smartphone manufacturer and the third largest in the world, has come under scrutiny for allegedly transmitting sensitive user data, such as IMEI numbers, phone numbers, and text messages, back to servers in Beijing. This revelation has raised significant alarm, particularly…
Governance & Risk Management, Zero Trust New NSA Recommendations Call for Ongoing Access Reviews and Overhauls in Implementation Chris Riotta (@chrisriotta) • February 2, 2026 NSA Headquarters located at Fort Meade, Maryland. (Image: NSA) The National Security Agency (NSA) has updated its mandates for federal agencies regarding the implementation of…
Los Angeles Law Firm Wisner Baum Faces Lawsuit Following Data Breach In a significant development in the realm of cybersecurity, the Los Angeles-based plaintiffs’ firm Wisner Baum has reportedly been sued in connection with a recent data breach that has raised serious concerns among its clientele and stakeholders. The lawsuit…
Critical Vulnerability Discovered in Expo.io’s OAuth Implementation A significant security flaw has been uncovered in the Open Authorization (OAuth) framework utilized by Expo.io, a popular application development platform. This vulnerability, identified as CVE-2023-28131, has been assigned a severe risk rating of 9.6 on the Common Vulnerability Scoring System (CVSS). According…
New Android Trojan Disguises Itself as Antivirus Threatening User Security Security experts from Cisco Talos have identified a new variant of an Android Trojan, disguised as a fraudulent antivirus application named “Naver Defender.” This malware, known as KevDroid, is a remote administration tool (RAT) capable of compromising Android devices by…
Exploitation of Notepad++ Vulnerabilities Raises Concerns Recent disclosures have highlighted significant vulnerabilities associated with Notepad++, the widely used text editor. Beaumont has elucidated that if an attacker can intercept and manipulate traffic directed to the Notepad++ download, they can redirect it to any location by altering the URL in the…
Cybersecurity Alert: Protecting Against Holiday Shopping Scams As the holiday shopping season approaches, encompassing the bustling days of Black Friday and Cyber Monday, an increased risk of cyber criminal activity emerges, prompting urgent attention from both consumers and retailers alike. This year, Black Friday falls on November 28, 2014, followed…
Scattered Lapsus Shiny Hunters: A New Threat in Cyber Extortion A notorious cyber extortion group known as Scattered Lapsus Shiny Hunters (SLSH) has been making headlines for its aggressive tactics in seeking ransoms from compromised organizations. This group employs a unique and harrowing approach that goes beyond conventional ransomware schemes,…
Recently, Notepad++, a widely-used text editor known for its lightweight and open-source nature, experienced a serious security breach involving its update system. This tool is favored by various users, including IT administrators, developers, and security researchers, due to its reliability and trustworthiness. In a statement released with version 8.8.9 of…