Blog

Security insights & analysis.

Practical cybersecurity and privacy coverage — the latest threats, breaches, and defenses, explained by the GetKhojo team.

uefisecure bootvulnerabilities

Eset Uncovers 11 Vulnerable Uefi Shims

ESET discovered 11 vulnerable UEFI shim bootloaders that could allow attackers to bypass Secure Boot, undermining device security.

Jul 16, 2026Read
cybersecurityjob marketcareer trends

Cybersecurity Job Market Shifts

Despite high demand, cybersecurity professionals face challenges in the job market. Practical steps can improve job search outcomes.

Jul 16, 2026Read
securebootmicrosoftfirmware

Microsoft Secure Boot Broken

Microsoft's Secure Boot has been bypassable for 13 years, with old 'shims' making it trivial to exploit. This affects Windows and Linux devices.

Jul 15, 2026Read
microsoftnightmareeclipseexploits

Nightmare Eclipse Drops Exploit Promise

A highly anticipated exploit release may be imminent, with potential implications for Microsoft's security. Users are advised to stay vigilant and monitor for updates.

Jul 14, 2026Read
cybersecuritycertificationsstudy habits

CISSP Study Struggles

Many individuals face challenges studying for certifications after college, citing decreased attention span and discipline. GetKhojo explores ways to overcome these hurdles.

Jul 13, 2026Read
microsoftwindowsdefender

Microsoft Patches Defender 0-Day

A Microsoft patch for a Windows Defender 0-day vulnerability may cause Windows machines to fill up hard drives, potentially leading to system disruptions. This highlights the importance of attack-surface awareness and privacy hygiene.

Jul 13, 2026Read
linuxkernelvulnerability

Januscape Exploits Linux Kernel

A 16-year-old Linux kernel vulnerability allows attackers to escape virtual machines. This affects Intel and AMD devices.

Jul 13, 2026Read
gamingvulnerabilityremote code execution

Meccha Chameleon Game Vulnerability

A 2-click remote code execution flaw was found in Meccha Chameleon, a Steam game with 7 million downloads.

Jul 13, 2026Read
cybersecurityincident responsepatch management

Cisa Shares Cyber Incident Lessons

CISA's recent cyber incident highlights the importance of prompt patching and incident preparedness. Organizations can learn from CISA's experience to strengthen their defenses.

Jul 13, 2026Read
ransomwareblackcatcybersecurity

BlackCat Ransomware Insider Sentenced

A former ransomware negotiator was sentenced to 70 months for conspiring with BlackCat actors. This case highlights the importance of trust and verification in cybersecurity.

Jul 13, 2026Read
windows11privacytracking

Microsoft Windows 11 Tracker

Microsoft admits Windows 11 has a tracker with no off switch, raising concerns over user privacy. The tracker was used to catch a hacker despite VPN use.

Jul 12, 2026Read
burnoutcybersecurityinfosec

Cybersecurity Veterans Face Burnout

Long-time infosec professionals struggle with burnout due to difficult stakeholders, affecting their passion for technology. Practical steps can help mitigate this issue.

Jul 12, 2026Read
aisecurityburnout

SecOps Teams Burn Out

Security teams face burnout from AI adoption and manual work. Learn how to manage AI pressures and prioritize data privacy.

Jul 11, 2026Read
palantirfrancecybersecurity

France Ditches Palantir

France ends contract with Palantir, citing strategic autonomy. French firm ChapsVision to replace US giant.

Jul 10, 2026Read
ai-generated-contentredditmoderation

Reddit Moderators Face AI-Generated Content Challenges

AI-generated content sparks debate on Reddit, raising concerns about authenticity and community guidelines. Moderators must navigate these issues to maintain community trust.

Jul 10, 2026Read
us armywebsite defacementcybersecurity

US Army Websites Defaced

US Army websites were defaced with pro-Kurdish sentiments and insults to Trump. The incident highlights vulnerabilities in government websites.

Jul 9, 2026Read
palantirnhsdata privacy

Burnham To End Palantir's NHS Deal

Andy Burnham is set to ditch Palantir from the NHS, citing concerns over the company's work with foreign governments. This move marks a significant shift in the UK's approach to data privacy and security.

Jul 9, 2026Read
windows hardeningsecurity toolsattack surface reduction

AtlantHarden v2.0 Released

A free Windows hardening app with 599 settings, offering a smarter approach to security. Get enhanced protection without unnecessary friction.

Jul 9, 2026Read
linuxkvmvirtualization

Google Pays $250K For KVM Guest-Escape Bug

A 16-year-old Linux KVM flaw allows guest VMs to escape and gain root access to host machines. Google paid $250K for its discovery.

Jul 9, 2026Read