Ottawa plans amendments to lawful-access bill amid backlash

Public Safety Minister Gary Anandasangaree is preparing to make several changes to the federal government’s controversial ...
Infosecurity Magazine

PureLogs Variant Steals Data via Purchase Order Lures

The PureLogs module targeted a wide range of browsers, including Google Chrome, Microsoft Edge, Brave, Opera, Yandex Browser, ...

Federal watchdog says lawful access bill poses privacy risks

Privacy Commissioner recommends changes to protect privacy rights, including letting his office investigate data breaches ...
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...

KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
The Caledonian-Record

Defesio LLC CEO Believes That Health Care Organizations And Clinics Not Using Quantum Resistant Email May Not Be Technically HIPAA Compliant Anymore.

GRANITE BAY, CA / ACCESS Newswire / May 21, 2026 / HIPAA also requires healthcare providers and organizations to implement specific administrative, physical, and technical safeguards to secure electro ...
Infosecurity Magazine

Chinese Threat Actors Ditch Static Phishing Pages for Live Credential Interception

Almost all organizations impersonated by Chinese phishing platforms are non-Chinese entities, suggesting operators ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
The Hacker News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.
Hackaday

This Week In Security: AI Generated Reports, More AI Generated Reports, GitHub Chaos, And More Linux Vulnerabilities

Google’s Project Zero demonstrates a new zero-click exploit for the Pixel 10 phones, showing a full escalation from remote to kernel without user interaction. During the investigation Project Zero ...

Websites have a new way to spy on visitors: analyzing their SSD activity

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique ...
The Caledonian-Record

euNetworks launches new quantum-safe private connectivity service powered by Adtran’s encrypted optical transport technology

Adtran and euNetworks today announced their collaboration on the launch of a new quantum-safe private connectivity service, ...