Recent cybersecurity reports indicate that thousands of Openfire XMPP servers remain vulnerable to a serious security flaw disclosed earlier this year. A report from VulnCheck highlights that these servers are unpatched and therefore at risk of being exploited by threat actors. The vulnerability, identified as CVE-2023-32315 and rated with a…
ESET cybersecurity researchers have reported the emergence of what they are calling the first UEFI rootkit actively utilized in the field. This advanced malware permits attackers to embed persistent malicious software within targeted devices, enabling it to withstand complete hard-drive formatting, which poses significant implications for affected organizations. The malware,…
RSAC Conference Welcomes Jen Easterly as New CEO Amid Industry Transformation Jen Easterly, a seasoned expert in cybersecurity with extensive experience in both public and private sectors, has been appointed as the new CEO of the RSAC Conference, commonly referred to as RSAC. Previously, Easterly served as the director of…
Litigation, Standards, Regulations & Compliance Court Dismisses Misstatement Claims in Class-Action Securities Suit Following CrowdStrike Outage Michael Novinson (MichaelNovinson) • January 14, 2026 A federal judge has dismissed a securities fraud lawsuit against CrowdStrike, alleging that the company misrepresented the safety and compliance of its products. The ruling comes after…
The Office of the Australian Information Commissioner (OAIC) has revealed a significant rise in data breaches attributed to human error, which accounted for 37% of all reported incidents—totaling 193 cases—marking an increase from 29% in the previous reporting period. The regulator underscored a critical insight: the “human factor” remains a…
In 2023, the rise of cyber attacks targeting e-commerce platforms has accelerated, largely driven by the shift toward omnichannel retail and the proliferation of API interfaces. As threat actors continuously seek to exploit these vulnerabilities, it underscores the critical necessity for regular security testing and real-time monitoring to swiftly identify…
Major Malware Campaign Targets Home Routers, Compromising User Security Chinese cybersecurity researchers have revealed a significant ongoing malware campaign, known as GhostDNS, which has compromised over 100,000 home routers. The attack modifies the Domain Name System (DNS) settings of these devices, routing users to malicious websites designed to steal login…
A hacker known as CamelliaBtw has claimed responsibility for a significant data breach impacting Max Messenger, a messaging platform developed by VK and launched on March 26, 2025. The announcement was made in a post yesterday on the DarkForums cybercrime marketplace, revealing the extent of the compromise. The forum thread,…
In a notable incident highlighting vulnerabilities even among high-profile figures, Facebook CEO Mark Zuckerberg recently fell victim to a cyber breach that compromised his Twitter and Pinterest accounts. This situation underscores the importance of stringent cybersecurity practices in managing online identities, especially for individuals in pivotal roles within the technology…
