KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
Tech Times

npm Supply Chain Attacks Hit GitHub: 2FA Approval Gate Now Blocks Stolen CI Tokens

GitHub’s internal repositories — now staged publishing in npm 11.15.0 requires a human 2FA approval before any package goes ...

Federal watchdog says lawful access bill poses privacy risks

Privacy Commissioner recommends changes to protect privacy rights, including letting his office investigate data breaches ...

Toronto book bank gives away its two-millionth free book

Ms. Fernando, 20, was leading a storytime session this past Saturday at the Sherbourne Street location of the Children’s Book ...