Information and Guidance
- Joint cyber security advisory on pro-Russia hacktivists conducting opportunistic attacks on global critical infrastructure
- Ransomware
- Joint malware analysis report on Brickstorm backdoor
- Public content provenance for organizations (ITSP.10.005)
- Joint guidance on principles for the secure integration of artificial intelligence in operational technology
- Joint statement on malicious cyber activity targeting Canadian critical infrastructure
- Backgrounder: Malicious cyber activity targeting Canadian critical infrastructure
- The cyber threat to Canada’s water systems: Assessment and mitigation
- Don't take the bait: Recognize and avoid phishing attacks - ITSAP.00.101
- Joint guidance on mitigating risks from bulletproof hosting providers
The Hacker News RSS Feed
- Three PCIe Encryption Weaknesses Expose PCIe 5.0+ Systems to Faulty Data Handling
- Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups
- Webinar: How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes
- Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days
- Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws
- North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware
- Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure
- Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading
- How to Streamline Zero Trust Using the Shared Signals Framework
- Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats
News
- [Control systems] Schneider Electric security advisory (AV25-825)
- Ivanti security advisory (AV25-824)
- Adobe security advisory (AV25-823)
- Microsoft security advisory – December 2025 monthly rollup (AV25-822)
- Fortinet security advisory (AV25-821)
- VMware security advisory (AV25-820)
- Mozilla security advisory (AV25-819)
- SAP security advisory – December 2025 monthly rollup (AV25-818)
- [Control systems] Siemens security advisory (AV25-817)
- WatchGuard security advisory (AV25-816)
Cloud Security
- Securing Your Move to the Hybrid Cloud
- 380K Kubernetes API Servers Exposed to Public Internet
- Deep Dive: Protecting Against Container Threats in the Cloud
- Security Turbulence in the Cloud: Survey Says…
- Firms Push for CVE-Like Cloud Bug System
- Zero-Trust For All: A Practical Guide
- Rethinking Cyber-Defense Strategies in the Public-Cloud Age
- Protect Your Executives’ Cybersecurity Amidst Global Cyberwar
- Cyberattackers Put the Pedal to the Medal: Podcast
- Microsoft Zero-Days, Wormable Bugs Spark Concern