Proposed $66-million settlement reached in class action over B.C.’s use of ‘birth alerts’

A proposed $66-million settlement has been reached in a class-action lawsuit over British Columbia’s use of “birth alerts,” a ...
The Hacker News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.
CSO Online

FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...
Dark Reading

Fake Android Apps Commit Carrier Billing Fraud for Premium Services

The disguised apps use WebView automation, JavaScript injection, and OTP interception to avoid detection and complete fraudulent subscriptions.
Security Boulevard

Reducing Authentication Errors in Enterprise Environments: A Human-Centric Approach

Learn how a human-centric approach can reduce authentication errors in enterprise environments while improving security and ...

Hezbollah drone strike videos show evolving tactics against Israel

BBC Verify has examined dozens of videos of fibre-optic drone attacks carried out by the Lebanese armed group.

How Vancouver and Toronto are preparing for health risks of World Cup mass gatherings

Multi-agency simulation part of planning for worst cases that could include infectious disease outbreaks, extreme heat or ...

Page 2: OpenTelemetry for MemoryCache

The fourth preview brings new methods to existing classes in the .NET base class library and a new configuration file for ...
CSO Online

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...

PCI DSS Compliance

Data Security Standard (DSS), issued by the PCI Security Standards Council (SSC), which establishes technical and operational requirements to protect cardholder data and promote consistent security ...