Skip to main content
A Singapore Government Agency Website How to identify
Official website links end with .gov.sg
Government agencies communicate via .gov.sg websites (e.g. go.gov.sg/open). Trusted websites
Secure websites use HTTPS
Look for a lock () or https:// as an added precaution. Share sensitive information only on official, secure websites.

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore

Advisories

Information on high-impact cybersecurity activity affecting Singapore.

103 articles

15 April 2026

Advisory on Risks associated with Frontier AI Models

Frontier Artificial Intelligence (AI) models are the most recent advanced AI models available. These frontier AI models can reportedly reduce the time taken to identify vulnerabilities and engineer exploits cutting short the duration from months to hours, but this capability could also be misused by cyber threat actors. This advisory outlines how organisations can plan ahead and strengthen their cybersecurity posture to guard against such risks.

Advisory

7 April 2026

Advisory on Securing the Software Supply Chain and Development Workflows

Threat actors are increasingly targeting the software supply chain. A single compromised external tool can grant attackers deep access to internal systems, leading to data theft, operational downtime, and severe reputational damage. Organisations are strongly encouraged to enforce strict governance over their internal development environments.

Advisory

6 April 2026

Protecting Your Website From Cyber-Attacks

Advisory

1 April 2026

Advisory on Axios Supply Chain Attack via Compromised npm Account

A critical software supply chain compromise has been identified affecting the widely used JavaScript HTTP client Axios. Organisations using affected versions of the product are advised to assess their systems and networks for potential compromise.

Advisory

Add your alt text here

27 March 2026

Ongoing 'TeamPCP' Supply-Chain Campaign

Security researchers have identified an ongoing supply-chain campaign compromising open-source projects to distribute malware. Organisations using affected components of such projects are advised to assess their environments for potential compromise.

Advisory

12 November 2025

Joint Advisory On Safeguarding Against The Dangers Of Streaming Devices

CSA and Singapore Police Force have jointly issued an advisory to inform members of the public to be vigilant against the dangers of streaming devices commonly known as Android TV boxes.

Advisory

16 August 2025

Advisory on New Endpoint Detection and Response (EDR) Killer Tool Used by Multiple Ransomware Groups

There have been reports of a new malicious tool, known as Endpoint Detection and Response (EDR) killer, being actively used by at least eight ransomware groups to disable EDR solutions.

Advisory

1 August 2025

Defending Against Scams Targeting National Day Celebrations

With the ongoing celebrations in commemoration of SG60, there may be an increase in scams. Individuals are advised to stay vigilant during this period and take proactive measures to enhance your online defences from such scams.

Advisory

24 July 2025

Remediation Guide for a Compromised SharePoint Environment related to CVE-2025-53770 and CVE-2025-53771

This document serves as a comprehensive guide for responding to the CVE-2025-53770 and CVE-2025-53771 affecting on-premises SharePoint servers.

Advisory

11 July 2025

Protecting Yourself and Your Organisation from Data Breaches

Advisory