Cybersecurity and Information Warfare

Iran's maritime satellite communications compromised by breach

Iran’s maritime satellite communications were disrupted in March and again in August 2025 through a supply‑chain breach at Iranian telecoms provider Fanava, impacting fleets of the National Iranian Tanker Company and IRISL and severing links on up to 116 vessels in the first wave and about 64 in the second, according to researchers and media reports. Analysts said the attackers, identifying as Lab‑Dookhtegan, achieved root access to Linux systems running iDirect Falcon software that manages VSAT links, enabling shutdowns of communications, AIS visibility, and ship‑to‑shore coordinati…

Indian Army's Terrier Cyber Quest Boosts Cyber Defense Readiness

The Indian Army’s Terrier Cyber Quest 2025, scheduled for September, aims to enhance cyber readiness through competitive exercises focused on critical infrastructure hacking and AI-driven deepfake detection, in collaboration with IIT Madras and CyberPeace. This initiative is part of the Army’s Decade of Transformation, emphasizing indigenous innovation in quantum machine learning and real-time defense systems. The event’s structure encourages rapid talent identification and prototyping, directly addressing rising cyber threats to national security. By operationalizing these capabilities, Ind…

Jaguar Land Rover Faces Cyber Incident Disrupting Operations

Jaguar Land Rover, a unit of Tata Motors, has experienced a significant cybersecurity incident that has disrupted both its retail and manufacturing operations. This incident is part of a broader trend of increasing cyber and ransomware attacks affecting UK businesses and critical sectors. While the company is working to restore services and has indicated that there is no evidence of customer data being compromised, the incident underscores the vulnerabilities that even major automakers face in an increasingly digital landscape. This situation highlights the need for robust cybersecurity measur…

WhatsApp warns users of hacking risks and signs of compromise

WhatsApp has recently addressed a security vulnerability that allowed hackers to target specific Apple users with spyware. The company advised users to be vigilant for signs of hacking, such as unusual battery drain, increased data usage, slow performance, unfamiliar apps, and unexpected changes to settings. These indicators can help users recognize if their devices have been compromised. The collaborative efforts between WhatsApp and Apple in patching these vulnerabilities highlight the ongoing battle against cyber threats, emphasizing the importance of staying informed and proactive to prote…

Experts Warn AI Aids Fraud but Enhances Cybersecurity Efforts

The Telangana Cyber Security Bureau reports daily financial losses of Rs 5 crore due to rising cybercrime, with experts warning that while Artificial Intelligence (AI) is being exploited by fraudsters, it also offers tools for security enhancement. At the TRUST AICS 2025 conference, Shikha Goel emphasized the need for accountability and collaboration in leveraging AI as a safeguard. Meanwhile, Vasanth Kumar highlighted AI’s role in transforming corporate governance by enabling real-time compliance reviews. The discussion also raised concerns about AI liability, stressing that responsibility li…

Ransomware Attack Disrupts 200 Swedish Municipalities' Services

A ransomware attack on Swedish IT provider Miljödata has disrupted operations in around 200 municipalities, affecting 80% of local government services. The attackers are demanding 1.5 Bitcoin ($168,000) for the release of sensitive personal data, including medical and rehabilitation documents. This incident highlights vulnerabilities in municipal cybersecurity, prompting Swedish authorities, including CERT-SE and law enforcement, to take urgent action. The relatively low ransom demand raises questions about the attackers’ strategy, either underestimating the data value or aiming for higher pa…

WhatsApp Resolves Zero-Click Bug Threatening Apple User Security

WhatsApp has fixed a critical zero-click vulnerability that allowed hackers to remotely deploy spyware on Apple devices, raising concerns over user privacy and security, particularly among defense personnel and government officials in regions like India and Pakistan. This incident underscores the escalating arms race in cyber warfare, where common platforms are targets for espionage. The collaboration between Apple and WhatsApp on enhancing security measures, including strengthened end-to-end encryption, highlights the necessity of timely software updates and user vigilance to counter advanced…

Google Alerts 2.5 Billion Gmail Users on Salesforce Data Breach

Google has alerted over 2.5 billion Gmail users about a significant data breach at Salesforce, which compromised sensitive information and raises concerns about potential phishing and espionage attacks. This breach poses heightened risks, particularly for users in defense and critical infrastructure sectors, as adversaries could exploit the exposed data. While Google is enhancing security measures, this incident highlights the urgent need for robust data protection across digital platforms, especially in a climate of increasing cyber warfare. The situation underscores the importance of vigilan…

DHS Secretary Noem Dismisses 24 FEMA Employees Over Cyber Issues

Department of Homeland Security Secretary Kristi Noem has terminated two dozen FEMA employees due to significant cybersecurity failures identified in audits, which revealed vulnerabilities that could affect emergency responses and national readiness. These dismissals underscore the urgent need for improved cybersecurity measures within federal agencies, especially against threats from adversaries like China and Russia. The DHS plans to enhance training and technology to bolster defenses, emphasizing a comprehensive government approach to protect critical infrastructure. This incident highlight…

DragonForce Ransomware Attacks ABM Wireless Inc, Threatens Data Leak

On August 30, 2025, the ransomware group DragonForce claimed responsibility for a cyberattack on ABM Wireless Inc., a major U.S. wireless distribution company, threatening to leak sensitive data unless negotiations were initiated. This incident underscores the growing threat to critical telecommunications infrastructure as ransomware groups increasingly target such sectors, potentially disrupting supply chains and communications networks. Experts recommend immediate incident response and enhanced security measures to mitigate these risks. The attack reflects the evolving cyber threat landscape…

Hyderabad Police trains Army personnel on cyber awareness.

Hyderabad Police recently conducted a cyber awareness program for approximately 200 Army personnel at the Bison Division in Secunderabad, focusing on critical topics such as cyber hygiene, online safety, and financial security. The initiative, led by DCP S Rashmi Perumal, aimed to sensitize the military personnel to existing cyber threats, online frauds, and safe digital practices, promoting interactive discussions where participants shared experiences and queries. This proactive approach underscores the importance of equipping defense forces with essential knowledge to navigate the increasing…

WhatsApp uncovers cyberespionage campaign targeting 200 users

WhatsApp said on August 29, 2025, that it uncovered an advanced cyberespionage campaign leveraging a chain of vulnerabilities in its app and Apple platforms, with notifications sent to fewer than 200 targeted users worldwide, including members of civic groups and civil society, and patches now issued by both WhatsApp (CVE-2025-55177) and Apple (CVE-2025-43300) to close the exploit chain used in the zero-click spyware operation over the past several months. Amnesty International’s Security Lab confirmed it has begun collecting forensic evidence from potential victims, noting that both iPhone…

U.S. Allies Label Salt Typhoon Cyber Attacks a Defense Crisis

The U.S., U.K., and a coalition of allied governments this week labeled the Chinese state‑sponsored “Salt Typhoon” campaign a national defense crisis, issuing a joint technical advisory on August 27, 2025 that details a years‑long infiltration of global telecommunications and critical infrastructure spanning more than 80 countries and over 200 victim organizations since at least 2021, with U.S. agencies emphasizing hardening guidance for network defenders alongside the alert. The U.K.’s National Cyber Security Centre simultaneously exposed three China‑based technology firms—Sichu…

CISA Issues Advisory on Chinese Cyber Threats to Infrastructure

The Cybersecurity and Infrastructure Security Agency (CISA), in conjunction with the NSA and FBI, has issued an advisory on the increasing threats posed by Chinese state-sponsored cyber actors targeting global critical infrastructure, including telecommunications and defense sectors. Highlighting over 600 breaches, the report underscores the need for robust cybersecurity measures like patch management and vulnerability assessments. Amid rising geopolitical tensions, the advisory emphasizes international cooperation and the importance of transparency in incident reporting to deter nation-state…

SEBI outlines cybersecurity expectations amid rising infrastructure risks

India’s markets regulator, SEBI, has clarified expectations for cybersecurity and resilience frameworks amid rising risks to critical infrastructure, particularly affecting telecom and finance sectors crucial for national stability. This guidance aims to bolster governance and incident reporting to align with national advisories, emphasizing the need for systemic risk management during cyber incidents. Given the geopolitical climate and potential coordinated attacks, these clarified cyber controls are vital for maintaining operational integrity and liquidity in defense-adjacent financial flo…

Cephalus ransomware exploits SentinelOne executables for attacks

Cephalus is a newly observed ransomware operation that abuses a legitimate SentinelOne executable, SentinelBrowserNativeHost.exe, to sideload a malicious DLL (SentinelAgentCore.dll) and load a data.bin payload, enabling stealthy deployment that can bypass conventional EDR heuristics in some cases. The group was seen in two incidents on August 13 and August 16, 2025, where initial access occurred via compromised RDP accounts lacking MFA, followed by data exfiltration to MEGA before execution; one attempt was blocked by Microsoft Defender, while another led to encryption with the .sss extension…

AI-Generated Ransomware Evades Antivirus, Threatens Critical Sectors

AI-generated ransomware capable of evading mainstream defenses was spotlighted at Black Hat USA 2025, where researchers detailed proof-of-concept malware trained on open-source LLMs to bypass Microsoft Defender for Endpoint roughly 8% of the time after three months and about $1,500 of tuning, underscoring how generative AI accelerates polymorphic payload creation and antivirus evasion across sectors including banking and healthcare. Conference coverage and industry analyses describe attackers leveraging AI to automate reconnaissance, generate constantly mutating code, and scale ransomware-as-a…

Attackers exploit Velociraptor, VS Code for covert C2 via Teams.

Attackers have begun abusing the legitimate Velociraptor DFIR tool to silently deploy Visual Studio Code’s tunneling feature as a covert command‑and‑control channel, with Sophos’ Counter Threat Unit detailing an August 2025 intrusion where Velociraptor was installed via msiexec from a Cloudflare Workers domain and then used to fetch and run VS Code with tunneling enabled, likely to reach an attacker‑controlled C2 endpoint; the activity triggered Taegis alerts and swift host isolation that likely prevented ransomware deployment. The campaign’s tradecraft aligns with a broader 2025 t…

Videos Misrepresent Indian Defense Leaders Amidst Operation Sindoor

A series of videos have emerged on social media, one allegedly featuring India’s Chief of Defence Staff (CDS) General Anil Chauhan praising the Pakistan Army during Operation Sindoor, which he described as a learning experience for India in modern conflict. Another doctored video circulated by Pakistani propaganda shows India’s Chief of Naval Staff, Admiral Dinesh Kumar Tripathi, suggesting that the Modi government prevented the Navy from participating in Operation Sindoor, leading to losses for the Indian Air Force. However, the Press Information Bureau (PIB) has debunked the latter video…

Storm-0501 ransomware wipes Azure data post-exfiltration, raising security concerns.

The recent Storm-0501 ransomware attack highlights a significant escalation in cloud-targeted operations, where attackers not only exfiltrate data from Microsoft Azure but also destroy critical resources post-theft, complicating recovery efforts for affected organizations. This incident raises alarms for sectors such as defense and telecommunications, which increasingly depend on cloud infrastructure. The attackers exploited legitimate administrative tools to undermine system resilience, emphasizing the urgent need for enhanced security measures like least-privilege access and tamper-proof bac…

SK Telecom fined $97M for major data leak affecting 27M users.

South Korea’s SK Telecom has been fined approximately $97 million following a significant cyberattack that resulted in the data leak of nearly 27 million users. The Personal Information Protection Commission criticized the company for inadequate safety measures and delayed notifications to customers, noting that the company’s systems were poorly maintained and vulnerable. In response, SK Telecom acknowledged its responsibilities and announced plans to invest about $700 million over five years to enhance data protection. This incident highlights the critical need for robust cybersecurity protoc…

Anthropic strengthens defenses against AI-driven cybercrime threats.

The report from Anthropic reveals that hackers are exploiting AI models, including Claude, to conduct sophisticated cyberattacks, ranging from data theft to ransomware development. These cybercriminals, often with minimal technical skills, utilize AI for automating various stages of their operations and crafting targeted extortion strategies. Notably, North Korean hackers have also misused AI to create fake identities for remote jobs, bypassing traditional barriers. In response, Anthropic has implemented enhanced security measures and collaborated with authorities to counter these threats, emp…

Sebi clarifies cybersecurity framework for regulated entities

The Securities and Exchange Board of India (Sebi) has clarified the applicability of its cybersecurity and cyber resilience framework (CSCRF), stating it only affects systems used for regulated activities, with shared infrastructure also subject to audits. Entities must adopt zero-trust principles and ensure disaster recovery capabilities, including a two-hour recovery time for critical operations. The classification of regulated entities based on Assets Under Management has been revised, introducing categories for portfolio managers and merchant bankers. This proactive approach by Sebi reinfo…

HAFNIUM's Ransomware Threats Targeting Asia's Sensitive Sectors

A recent threat intelligence summary highlights ongoing activities by the China-linked group HAFNIUM (Silk Typhoon), focusing on aggressive ransomware tactics targeting sensitive sectors in Asia, particularly in defense and critical infrastructure. The report emphasizes the need for organizations, including those in India, to enhance their cybersecurity measures, such as patching vulnerabilities and strengthening backup strategies, to mitigate risks from escalating ransomware threats. The analysis also underscores the intersection of espionage and financially motivated attacks, indicating a co…

AI-Enhanced Malware Threatens Defense Software Development

Cyber adversaries, particularly North Korean groups, are increasingly using AI-enhanced malware to infiltrate software development processes within the defense tech sector, targeting supply chains for espionage and sabotage. This evolution in tactics, which includes malicious code injections and the exploitation of open-source repositories, presents significant challenges for detection and demands advanced behavioral analysis. Organizations are urged to adopt secure development practices, conduct thorough code reviews, and deploy AI defenses to mitigate these threats. This trend, impacting cri…