Signal, the telecommunications app, has announced an upgrade to its cryptographic specifications aimed at withstanding a potential future cyberattack involving quantum computers. On September 19, Signal announced an upgrade to the X3DH specification…

According to security researchers at SEC Consult, two vulnerabilities discovered earlier this year in Atos Unify products could allow malicious actors to cause disruption and even backdoor the targeted system.  The vulnerabilities affect the Atos…

Several Canadian airports reportedly experienced service disruptions due to a cyberattack allegedly perpetrated by a pro-Russia hacking group. According to the Canada Border Services Agency (CBSA), recent connectivity issues that impacted airport check-…

Quantinuum is a merger between Honeywell Quantum Solutions and Cambridge Quantum focused on quantum computing. It aims to help build quantum-hardened cryptographic keys to secure Honeywell's smart utility meters. Quantum Origin is a service that uses…

Investigators in Finland have recently seized and shut down a web server used to operate a local dark web marketplace.  Piilopuoti opened on May 18, 2022, with its administrators attempting to hide its presence by operating only on the encrypted Tor…

The cloud security vendor Skyhawk has introduced a new benchmark for evaluating generative Artificial Intelligence (AI) Large Language Models' (LLMs) ability to identify and score cybersecurity threats within cloud logs and telemetries. According to the…

Researchers have discovered a new set of malicious packages in the npm package registry designed to exfiltrate Kubernetes configurations and SSH keys from compromised machines to a remote server. Sonatype reported discovering 14 different npm packages…

According to Rockwell Automation, 60 percent of cyberattacks against the industrial sector are conducted by state-affiliated actors and are often facilitated by internal personnel (33 percent of the time). This aligns with other industry research that…

GitLab has released security updates to address a vulnerability of critical severity that allows attackers to run pipelines as other users through scheduled security scan policies. The flaw, tracked as CVE-2023-5009 with a CVSS score of 9.6, impacts…

Following the disclosure of vulnerabilities in Mozilla's Firefox and Thunderbird, the National Cyber Security Agency in Qatar urges Adobe users to apply patches. However, other affected browsers were not mentioned. The vulnerability, tracked as CVE-2023-…

New research delves into how Internet of Things (IoT) devices, which are not as well protected as traditional computers regarding firewalls, antivirus, and malware protection, can represent a significant system vulnerability. In addition to potential…

A regulation requiring organizations conducting business in China to notify the government of software vulnerabilities within 48 hours of discovery reflects the Chinese government's increasingly strategic view of security flaws. A new report published by…