A data breach involving Free was reported in January 2026. See incident details, impact on customers, and recommended security measures.

Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also...

The challenge uses Chromium and abuses HTTP Disk Cache keys to trigger a client-side cache-poisoning issue. It contains two endpoint: /view and /. /view only succeeds if the header contains...

Facebook is used by almost everybody. Being able to see who is logged in can allow for targeted attacks, account takeovers, and employee profiling. This article dives into several techniques they...

Meta's web ecosystem relies on cross-window messaging between first-party websites. The only security control is around origin checks on facebook.com or its subdomains. Multiple Meta modules...

In October 2025, Citizen Lab researchers and director Ron Deibert signed an open letter to the Canadian Minister of Artificial Intelligence and Digital Innovation and the Minister of Industry...

FXAuth is Meta's shared authentication system used by a variety of services that they own. On the domain https://auth.meta.com/fxauth/, a signed token and blob are returned for using the website....

The report features insights from the Health-ISAC Ransomware Events Database, Indicator Sharing program, Physical Security, and Targeted Alerts initiative, showcasing the community-felt impacts of...

Moving beyond simple checklists to visualize, map, and block attacks on production SDLC infrastructure.

Security failures rarely arrive loudly. They slip in through trusted tools, half-fixed problems, and habits people stop questioning. This week’s recap shows that pattern clearly. Attackers are...

The author of this post wanted to see the capabilities of Opus 4.5 and GPT-5.2 when exploiting new vulnerabilities in the QuickJS JavaScript interpreter. They included many different challenges,...

Mata provides several website plugins such as the Like button and Customer Chat. These are hosted at www.facebook.com and designed for use in iFrames. Communication between the host website and...

Poor rounding in DeFi has been the catalyst of many, many bugs in Web3, even on major projects. The consequences of truncations and rounding down can seem insignificant but can be horrible...

In web3, a random user is selected to be the block creator. In order to maximize profit, this is split into three users: builder, relayer and validator. Builder is the trader willing to pay for...

The research focuses on Pretty Good Privacy (PGP) implementation from GNU. It's used for many things, like verifying downloads. This started with reviewing the code for fun but turned into a lot...

If there’s a constant in cybersecurity, it’s that adversaries are always innovating. The rise of offensive AI is transforming attack strategies and making them harder to detect. Google’s Threat...

Citizen Lab senior research associate Emile Dirks will be attending a meeting on transnational repression (TNR) at the EU Parliament’s Committee on Foreign Affairs on January 28, during which Nate...

Facebook's payments and billing flows use third-party financial services providers. To perform these bank payments, Facebook embeds external services via iFrames that perform cross-window...

Facebook and Instagram accounts are deeply integrated through Accounts Center. This allows users to link identities, share authentication methods, and manage global settings. The integration...

A major cyberattack that nearly cut electricity to half-a-million people in Poland last year was reportedly carried out by the Russia-linked hacking group Sandworm, which likely attempted to knock...

In the last quarter of 2025, LevelBlue SpiderLabs used telemetry from the LevelBlue Fusion platform to decipher the techniques threat groups used to gain access to targets in the education sector.

In the last quarter of 2025, LevelBlue SpiderLabs used telemetry from the LevelBlue Fusion platform to decipher the techniques threat groups used to gain access to targets in the education sector.

When the Defense Department received a $23 billion down payment for the Golden Dome initiative through a reconciliation bill, lawmakers demanded a detailed plan for how the Pentagon plans to spend...

A proposal to create a volunteer cybersecurity incident response team, investigating and troubleshooting threats targeting digital systems around the commonwealth, will be considered again in this...

The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence (AI) tools to target developers and engineering teams in the...

Early last year, the FBI served Microsoft with a search warrant, asking it to provide recovery keys to unlock encrypted data stored on three laptops. Federal investigators in Guam believed the...

A notorious Russian military intelligence hacking unit with a track record of destructive cyber operations was likely behind the large cyberattacks that targeted Poland’s power system in late...

For the latest discoveries in cyber research for the week of 26th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES RansomHub ransomware group has claimed...

Roughly a million power outages were reported on Jan. 25 as a massive winter storm raged across the country, bringing “catastrophic” ice accumulation that downed power lines and created...

Probe follows outcry over use of creepy image generation tool The European Commission has launched an investigation into X amid concerns that its GenAI model Grok offered users the ability to...