Canada’s Bill C-8 (formerly Bill C-26) is proposed cybersecurity legislation that would introduce broad information collection and sharing powers, including the warrantless collection of...
FortiGuard IR analysis of H1 2025 shows financially motivated actors increasingly abusing valid accounts and legitimate remote access tools to bypass detection, emphasizing the need for...
American business services giant Conduent has confirmed that a 2024 data breach has impacted over 10.5 million people, according to notifications filed with the US Attorney General's offices. [...]
On 2010-01-12, an incident was reported, involving Storm-0558, gaining initial access via Unknown, to achieve Data exfiltration.
On 2011-08-31, an incident was reported, involving an unknown actor, gaining initial access via Unknown, to achieve Supply chain attack.
On 2013-05-07, a campaign was reported, involving an unknown actor, gaining initial access via Unknown, targeting Apache HTTP Server, NGINX, Lighttpd to achieve Resource hijacking. The following...
On 2014-03-18, a campaign was reported, involving Windigo operator, gaining initial access via Supply chain vector, while using Create SSH backdoor, to achieve Resource hijacking. The following...
On November 9, 2014, BrowserStack suffered a breach when a hacker accessed an old, unpatched prototype server via the shellshock vulnerability. The server contained AWS credentials, allowing the...
The Los Angeles Times website was covertly mining cryptocurrency on visitors' devices after hackers injected CoinHive's Monero-mining code. This happened due to an unprotected Amazon S3 storage...
On 2018-04-09, a research was reported, involving , gaining initial access via 1-day vulnerability, while using SSRF, IMDS abuse, targeting Confluence Server, Jira Server to achieve Resp. disclosure.
On 2018-09-12, a campaign was reported, involving an unknown actor, gaining initial access via 1-day vulnerability, targeting Redis, Apache CouchDB, Docker, Jenkins, Drupal, MODX to achieve...
An unknown threat actor compromised the Webmin build server, and inserted a backdoor RCE vulnerability into the Webmin source code that anyone could exploit if they were aware of its existence....
On 2019-10-16, a campaign was reported, involving an unknown actor, gaining initial access via Software misconfig, targeting Docker to achieve Resource hijacking. The following tools were...
The X-59 successfully completed its inaugural flight—a step toward developing quieter supersonic jets that could one day fly customers more than twice as fast as commercial airliners.
PhantomRaven slipped over a hundred credential-stealing packages into npm A new supply chain attack dubbed PhantomRaven has flooded the npm registry with malicious packages that steal credentials,...
OpenAI warned the White House on Monday that China’s commitment to building new energy generation could give it an edge in the AI race. The company recommends that the U.S. prioritize “closing the...
It is a question that successive governments have struggled with: what kind of threat does China really pose to the UK? Trying to answer it may have contributed to the high-profile collapse of the...
WhatsApp is rolling out passkey-encrypted backups for iOS and Android devices, enabling users to encrypt their chat history using their fingerprint, face, or a screen lock code. [...]
Every January, an exclusive career fair in Washington, D.C. marks a pivotal moment for CyberCorps scholars. Hundreds of top students from across the country meet with dozens of federal agencies...
Whether careless or malicious, insiders can cause all manner of nightmares
A leading standards body has warned of a growing “AI governance gap” as business leaders rush to adopt the new technology without first putting the requisite controls and processes in place. The...
The threat group targeted a LANSCOPE zero-day vulnerability (CVE-2025-61932)Categories: Threat ResearchTags: BRONZE BUTLER, china, featured, Japan, LANSCOPE, Tick, vulnerabiity
Cross-site Scripting vulnerability (CVE-2025-10348) has been found in Eveo URVE Smart Office software.
After a months-long leadership vacuum amid intense scrutiny from one of President Donald Trump’s most vocal far-right supporters, the National Security Agency is readying a number of senior...
Cybersecurity for years has been an afterthought in the commercial space industry — viewed more as a line item than a lifeline. But that mindset is starting to shift as satellite networks grow...
In recent weeks, the Canadian Cyber Centre and the Royal Canadian Mounted Police have received multiple reports of incidents involving internet-accessible ICS. One incident affected a water...
Canada's cyber agency and the RCMP say they have investigated multiple cases in which unspecified hacktivists compromised industrial control systems.
Security researchers have discovered a critical architectural flaw in the Blink rendering engine that powers Chromium-based browsers, exposing over 3 billion users to denial-of-service attacks....
Picture your online shopping site overwhelmed with fake orders, your customer accounts being drained one after another, or your essential APIs flooded by an endless wave of automated attacks. This...
Trustwave, a LevelBlue Company, was named a Leader in the IDC MarketScape: Asia/Pacific (Excluding Japan) Managed Detection and Response Services 2025 Vendor Assessment (doc # AP52998725e,...