More than 880,000 phone numbers linked to government accounts stolen in data breach

But what the CIO did not disclose at the time was the scope of the breach: nearly one million emails and phone numbers had been stolen, allowing criminals to send over 881,000 fraudulent spam messages ...

Feds Scramble After Interac’s 2Keys Hack Exposes Canadians to Phishing

Almost one million Canadians had their contact information stolen in a cyberattack on the federal government’s authentication ...
CNET

Don't Fall for This Sneaky QR Code Scam if You Get a Surprise Package

A new package scam started this summer, and it's likely to gain momentum as people start ordering their iPhone Airs and buying gifts for the holidays. Picture getting a package delivered to your front ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on ...
Hosted on MSN

Apple customers issued with scam warning

Apple users have been issued a warning from the technology company amid a series of scams. Cautioning people about social engineering, it notes that this is a type of targeted attack and form of ...
Hosted on MSN

Beware the QR code: How a new scam is costing consumers £10,000 per day

Whether you’re ordering drinks to your table in a pub or want to pay for car parking, QR codes make life simple. A quick scan of a black-and-white grid on your mobile phone takes you straight to a ...
Windows Report

How to log in to Army email (CAC / Army 365) on Windows

Stuck at the certificate prompt or getting “No valid certificate,” “403,” or “Client auth required” when accessing Army email? On Windows, successful sign‑in usually comes down to a working CAC reader ...

This tech company is improving online safety for Indigenous people

Founded by Lac Seul First Nation entrepreneur Darion Ducharme, Teqare runs scam prevention workshops and other trainings ...
Bleeping Computer

WatchGuard warns of critical vulnerability in Firebox firewalls

WatchGuard has released security updates to address a remote code execution vulnerability impacting the company's Firebox firewalls. Tracked as CVE-2025-9242, this critical security flaw is caused by ...
Bleeping Computer

'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the Visual Studio marketplace and the Open VSX registry. The campaign is ongoing ...
Infosecurity-magazine.com

Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution

Multiple CVEs in the Chaos-Mesh platform have been discovered, including three critical vulnerabilities that allow in-cluster attackers to run arbitrary code on any pod, even in the default ...