Search engine DuckDuckGo would withdraw VPN from Canada if lawful-access bill passes

Search engine DuckDuckGo says it will withdraw one of its key security services from Canada over the government’s ...

Ottawa plans amendments to lawful-access bill amid backlash

Public Safety Minister Gary Anandasangaree is preparing to make several changes to the federal government’s controversial ...
Infosecurity Magazine

PureLogs Variant Steals Data via Purchase Order Lures

The PureLogs module targeted a wide range of browsers, including Google Chrome, Microsoft Edge, Brave, Opera, Yandex Browser, ...
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...

KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
Infosecurity Magazine

Chinese Threat Actors Ditch Static Phishing Pages for Live Credential Interception

Almost all organizations impersonated by Chinese phishing platforms are non-Chinese entities, suggesting operators ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
The Hacker News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.
Hackaday

This Week In Security: AI Generated Reports, More AI Generated Reports, GitHub Chaos, And More Linux Vulnerabilities

Google’s Project Zero demonstrates a new zero-click exploit for the Pixel 10 phones, showing a full escalation from remote to kernel without user interaction. During the investigation Project Zero ...

Websites have a new way to spy on visitors: Analyzing their SSD activity

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique ...
The Caledonian-Record

euNetworks launches new quantum-safe private connectivity service powered by Adtran’s encrypted optical transport technology

Adtran and euNetworks today announced their collaboration on the launch of a new quantum-safe private connectivity service, ...

AI Overhauls, IPOs, and Cyberthreats Define This Week in Tech

From SpaceX’s record IPO plans to AI product launches, cyberthreats, layoffs, and legal fights, this week showed AI’s growing grip on tech.