At the C3iHub ‘Connect 1.0’ Startup Demo Day, IIT Kanpur unveiled five innovative cyber defence and surveillance tools developed by incubated startups, showcasing India’s commitment to self-reliance in defensive technologies. Notable innovations included the Eliminator kamikaze drone for GPS-denied environments, the solar-powered TEJASVAAN ISR drone with a 12-hour endurance, and the BlackFence cyber threat intelligence platform aimed at combating fraud and phishing. This event, which included participation from government and industry leaders, highlights India’s strategic focus on enhanc…
Read More

Vice Admiral Raman Puri, former Chief of Integrated Service, highlighted during a seminar at VNIT, Nagpur, the inadequacy of India’s cybersecurity infrastructure, which can manage routine cybercrime but lacks the robustness for large-scale threats. He urged the need for stronger, indigenous cybersecurity systems and warned against dependence on foreign technology, especially during crises. Puri called for government support to bolster domestic industries in developing critical technologies, emphasizing that self-reliance is essential for national resilience against evolving cyber threats. Th…
Read More

China’s state-sponsored hacking group Silk Typhoon has intensified cyberattacks on North American cloud networks, exploiting zero-day vulnerabilities in products like Commvault and Citrix Netscaler to access sensitive government and defense data. Since late spring 2025, the group has targeted software-as-a-service providers, technology firms, and legal services through supply chain compromises, using flaws such as CVE-2023-3519 in Citrix Gateway and CVE-2025-3928 in Commvault devices to infiltrate downstream customer environments. CrowdStrike reported over a dozen incidents by August 2025, inc…
Read More

A China-linked hacking group, Murky Panda, has been conducting sophisticated cyber-espionage operations against North American entities, utilizing compromised cloud services to access sensitive information. This group employs advanced techniques, including weaponizing zero-day vulnerabilities and using custom malware, to target critical sectors, including defense technologies. The incident underscores vulnerabilities in cloud environments and highlights the risks posed by third-party dependencies. In light of growing U.S.-China tensions over technology, international cooperation and enhanced c…
Read More

Veeam Software hosted its VeeamON 2025 event in New Delhi, focusing on enhancing India’s cyber resilience against ransomware threats. It unveiled a whitepaper detailing strategies to counter ransomware, emphasizing compliance with the Digital Personal Data Protection (DPDP) Act and the forthcoming Digital India Act. The Bharat CyberSuraksha Saksham Bharat initiative aims to train over 100,000 professionals, establish 100+ Centers of Excellence, and create 25,000 cybersecurity jobs. Veeam’s holistic approach, encapsulated in the 6 Ps—Partnerships, People, Platforms, Policy, Progress, and Purp…
Read More

Registration is now open for c0c0n 2025, India’s largest cybersecurity conference, set for October 10-11, 2025, in Kochi. This event will address critical issues like AI-powered cyberattacks, state-sponsored hacking, and ransomware targeting essential sectors, including defense and infrastructure. With India’s rising significance in global cyber threat discussions, the conference aims to enhance national cybersecurity capabilities, particularly against threats from rivals such as China and Pakistan. Experts will provide insights on protecting military systems and mitigating vulnerabilities, hi…
Read More

Apple has released critical security updates for iOS and macOS to address a zero-day vulnerability, CVE-2025-43300, in its ImageIO framework, which could allow remote code execution through malicious images, particularly targeting cryptocurrency users. This zero-click exploit poses significant risks, especially for high-profile individuals in finance and defense, as it could lead to theft of sensitive data and military information. The incident underscores the intersection of cybersecurity and national security, particularly in the geopolitical context of India, where threats from state actors…
Read More

As the festive season in India approaches, Quick Heal Technologies warns of an increase in cyber scams targeting online transactions, particularly through fake booking interfaces and phishing attempts linked to events and travel. Fraudsters exploit urgency, creating counterfeit sites and malicious apps that demand excessive permissions, leading to significant financial losses for unsuspecting users. The company emphasizes the importance of vigilance, urging consumers to treat online transactions with the same caution as physical ones, verify URLs, update software regularly, and utilize compreh…
Read More

A recently identified cyber-espionage campaign by the Pakistan-linked group APT36 (Transparent Tribe) targets Indian government and defense sectors, utilizing spear-phishing tactics to distribute malware disguised as legitimate files. This operation exemplifies the ongoing cyber warfare between the two nations, emphasizing the need for India to enhance its cybersecurity measures. Experts recommend improving email security and adopting behavior-based detection to mitigate such threats effectively. The incident serves as a stark reminder of the vulnerabilities present in critical systems and the…
Read More

Research by Exabeam reveals that AI is significantly enhancing insider threats, now surpassing external attacks in frequency and impact. Insiders are using AI tools to facilitate data breaches, emphasizing the urgent need for advanced threat detection systems, particularly in sectors critical to national security. In India, where digital expansion is rapid, the risk from such threats could be intensified by external adversaries. The report urges organizations to adopt user and entity behavior analytics (UEBA) and AI-driven monitoring to counteract these risks and calls for stricter regulatory…
Read More

Pakistan has launched Asia One, its first satellite-based English-language global news channel, aimed at broadcasting its perspectives on regional issues, which analysts warn could serve as a platform for state-backed disinformation, particularly against India. This initiative enhances Pakistan’s ability to shape narratives internationally, posing a significant challenge to India’s media presence. The channel’s potential to influence public opinion and policy discussions abroad highlights the need for India to develop a robust global media strategy, especially as its current efforts through Do…
Read More

In a sophisticated cyber threat amid India’s push for digital governance, cybercriminals have unleashed an Android malware campaign targeting users with fake offers under the PM Surya Ghar: Muft Bijli Yojana, a February 2024 government scheme providing solar subsidies up to 60% for rooftop installations. Discovered by McAfee on August 19, 2025, the attack leverages YouTube videos with shortened URLs directing victims to GitHub-hosted phishing sites mimicking the official pmsuryaghar.gov.in portal, tricking users into downloading malicious APKs that steal banking details, SMS messages, and enab…
Read More

The FBI issued a warning on August 20, 2025, regarding Russian FSB cyber actors targeting end-of-life networking devices in US critical infrastructure, raising concerns about potential espionage and disruptive attacks. Vulnerable devices, such as outdated routers and switches, are prime targets for exploitation due to lack of security updates. The advisory indicates that these tactics may also pose risks to allies, including India, suggesting the need for enhanced cybersecurity strategies. The incident emphasizes the importance of modernization in critical infrastructure to prevent vulnerabili…
Read More

A significant cyber attack on August 19, 2025, disrupted nearly 80% of Pakistan’s internet capacity for several hours, employing highly sophisticated methods that crippled communications and affected critical infrastructure, including military servers, amid escalating regional tensions. The incident, potentially linked to earlier ransomware assaults like the Blue Locker variant that targeted Pakistan Petroleum Limited on August 6, 2025, encrypting systems and deleting backups, has prompted urgent warnings from Pakistan’s National Cyber Emergency Response Team to 39 key ministries and instituti…
Read More

The U.S. Army emphasizes the need for interoperable, off-the-shelf technology to enhance its modernization efforts, particularly for its Next Generation Command and Control initiative. Lt. Gen. Maria Barrett advocates for modular, platform-independent capabilities that can function effectively at the tactical edge, especially in challenging environments. This approach aims to reduce technical debt and improve operational flexibility, allowing commanders to adapt quickly on the battlefield. Barrett stresses the importance of designing systems with real-world scenarios in mind to ensure they are…
Read More

Microsoft has announced a reduction in access for Chinese companies to its cyber early warning system, a move driven by concerns over pervasive Chinese cyber operations and vulnerabilities potentially being exploited against U.S. and allied interests. This decision follows significant cyber incidents linked to Chinese hackers, including breaches of critical U.S. infrastructure, prompting the tech giant to limit information sharing with entities that may aid China’s government. The restriction, while aimed at bolstering cybersecurity for Western allies, could indirectly benefit India by slowing…
Read More

Microsoft has restricted Chinese access to its cyber early warning system amid speculation that Beijing is linked to a hacking campaign. This move highlights increasing concerns about cybersecurity threats emanating from China, reinforcing the importance of protecting sensitive information and infrastructure from potential cyber espionage. By limiting access to critical systems, Microsoft aims to enhance security protocols and safeguard its users against external threats. This action reflects a broader trend of countries and companies taking decisive steps to counteract malicious cyber activit…
Read More

Recent discussions among cybersecurity experts in India have highlighted a troubling rise in cyber intrusions from adversaries such as China and Pakistan, with a staggering 138% increase in cyberattacks on Indian government entities reported by the Center for Strategic and International Studies (CSIS) from 2019 to 2023. Notably, incidents surged from 85,797 to 204,844, illustrating a significant escalation in threats against India’s governmental infrastructure. Experts call for urgent enhancements in India’s digital security framework, emphasizing the necessity of international collaboration…
Read More

India is launching the National Cyber Security Scholar Programme (NCSSP) 2025, an innovative cybersecurity bootcamp aimed at training future cyber defenders. Organized by CERT-IN and ISAC, this four-day immersive program in Hyderabad will simulate off-grid conditions, encouraging participants from varied fields such as IAS, IPS, and tech firms to engage in hands-on exercises like hardware hacking and RF jamming. This initiative reflects a strategic shift in India’s cybersecurity approach, emphasizing readiness against complex cyber threats to critical infrastructure and defense networks. Gradu…
Read More

Royal Enfield, the prominent Indian motorcycle manufacturer, has been hit by a ransomware attack that fully compromised its systems, with hackers claiming to have encrypted all servers and erased backups on August 12, 2025. The attackers issued a 12-hour deadline for an undisclosed ransom payment, threatening to auction stolen data through private bids via platforms like qTox and Telegram if demands were unmet, and hinted at releasing proof-of-access samples to pressure the company. Based in Chennai, Royal Enfield confirmed the incident and activated response protocols, collaborating with cybe…
Read More

Google has issued a warning about a new cybersecurity threat involving AI-powered prompt injections, where hackers manipulate AI systems to steal user information, particularly targeting its AI assistant, Gemini. This technique, termed “indirect prompt injection,” allows attackers to embed harmful prompts in benign content, deceiving AI into acting against its own protocols. As more users rely on AI for personal tasks, the risks of such sophisticated scams are increasing. Google is enhancing protective measures and advising users to remain vigilant against these evolving cyber threats that ble…
Read More

The Central Reserve Police Force (CRPF) has issued an alert to its 3.25 lakh personnel regarding a fraudulent mobile app named ‘Sambhav Application Writer’ that mimics its official application. This unauthorized app poses serious security risks by attempting to collect sensitive personal and organizational information from CRPF staff. The CRPF has urged all units to inform their personnel about this threat and ensure compliance with the advisory, emphasizing the importance of operational security. The original app, ‘CRPF Sambhav’, is crucial for personnel to access administrative details, high…
Read More

Horizon3.ai, a cybersecurity startup integrating military intelligence with Silicon Valley expertise, has appointed Holly Grey as CFO to enhance its operational capabilities amid increasing cyber threats. The company has reported remarkable growth, achieving 101% year-over-year revenue increase and raising substantial funding to support its mission of leveraging AI in threat identification. CEO Snehal Antani emphasizes the importance of cybersecurity across all organizational functions, particularly concerning third-party vendors. The emphasis on a trust-based culture is critical, as strong le…
Read More

The ZALA company recently unveiled its innovative ZALA GEOCOSMOS communication and navigation system at the Unmanned Systems forum in Moscow. This new technology is designed to operate independently of satellites and mobile networks, enhancing the reliability of aviation systems even in adverse conditions. By utilizing ground-based software-defined systems and onboard equipment, ZALA GEOCOSMOS enables secure communication and accurate location tracking for both unmanned and manned aircraft in a shared airspace. This advancement not only addresses critical infrastructure needs but also aligns w…
Read More

Google is reinstating in-person interviews due to rising concerns over candidates using AI tools to cheat during virtual assessments, with over 50% reportedly relying on such technologies. CEO Sundar Pichai emphasized the importance of verifying candidates’ fundamental skills through face-to-face interaction, echoing similar moves by companies like McKinsey and Deloitte. The issue extends beyond interviews, as the FBI warns of sophisticated AI-enabled scams in recruiting, including fake profiles from North Korean nationals. This shift reflects a broader trend in the tech industry to mitigate i…
Read More