Atlassian has announced critical updates to address a severe zero-day vulnerability impacting publicly available Confluence Data Center and Server instances. The flaw, identified as CVE-2023-22515, poses a significant security risk as it can be exploited remotely by attackers to create unauthorized administrator accounts, consequently allowing access to Confluence servers. This…
In a significant cybersecurity case, a 20-year-old college student has pleaded guilty to stealing over $5 million in cryptocurrency through the illicit practice known as SIM swapping. Joel Ortiz, arrested last year, exploited this technique to target approximately 40 victims, resulting in a guilty plea that could lead to a…
In a significant escalation of cybersecurity threats, 2016 has emerged as a watershed year for data breaches, impacting numerous high-profile companies and compromising over a billion user accounts globally. Most recently, Weebly and Foursquare fell prey to these cyber incidents, joining a grim list of organizations affected by massive data…
Endpoint Security, Governance & Risk Management, Internet of Things Security FCC Lacks Leadership for Cyber Trust Mark Program Following UL Solutions’ Withdrawal Chris Riotta (@chrisriotta) • January 6, 2026 The recent withdrawal of the FCC’s lead administrator for its consumer cybersecurity labeling initiative raises significant questions about the future of…
Ledger, the prominent provider of crypto hardware wallets, has reported a security breach involving its third-party payment processor, Global-e. This incident has led to the exposure of customer names and contact details. Although the exact number of affected customers remains undisclosed, it’s important to clarify that this breach did not…
On Wednesday, Apple released critical security updates aimed at mitigating a recently identified zero-day vulnerability in both iOS and iPadOS. This flaw, designated as CVE-2023-42824, is reportedly being exploited in the wild, raising alarm for users and businesses alike. The vulnerability exists within the kernel and can be exploited by…
This week, VFEmail.net, a U.S.-based secure email provider, reported a catastrophic data breach that resulted in the complete loss of user data and backups. The attack, executed by unidentified hackers, devastated the company’s infrastructure, erasing nearly two decades of information in just a few hours. Such a loss is a…
A recent indictment by U.S. authorities has identified 29-year-old Russian national Yevgeniy Aleksandrovich Nikulin as the perpetrator behind significant data breaches affecting LinkedIn, Dropbox, and the now-defunct social network Formspring. This announcement follows the successful arrest of Nikulin by the FBI, in coordination with Czech law enforcement, on October 5…
Critical Infrastructure Security, Governance & Risk Management, Operational Technology (OT) Geopolitical Tensions Heighten Risk to Operational Technology from State Actors and Cybercriminals Tony Morbin (@tonymorbin) • January 6, 2026 Cyberattacks on critical infrastructure, especially against operational technology systems, are forecasted to escalate in 2026. Experts warn of an alarming increase…
