Cybersecurity and Information Warfare

CERT-IN Chief warns of rising AI-driven phishing threats in cybersecurity.

Sanjay Bahl, the chief of CERT-IN, has issued a warning regarding the rise of AI-powered phishing attacks, noting that malicious actors are leveraging advanced technologies to enhance the sophistication of their tactics, making phishing attempts increasingly difficult to detect. During a session at the Global Fintech Festival 2025, he highlighted the success of Operation Sindoor, where coordinated cyber threats were effectively thwarted without any material damage, thanks to rigorous preparedness and 24/7 monitoring. The ability to report suspicious activities within six hours was crucial in m…

UK's £1.5 billion bailout for JLR post-cyberattack raises risks.

Jaguar Land Rover (JLR) faced a significant cyberattack in late August, leading to widespread disruptions in its manufacturing operations globally, with estimated losses exceeding £5 million per day. In response, the UK government has agreed to provide a £1.5 billion emergency loan to support JLR and its suppliers, a move viewed as both critical for job preservation and risky due to potential moral hazard in cybersecurity investments. Experts argue that this intervention raises questions about the accountability of foreign-owned companies in enhancing their cybersecurity measures. The situat…

AI-driven cyber scams rise during Diwali, warns Quick Heal Technologies.

Quick Heal Technologies Limited has issued a warning about a surge in AI-powered cyber scams during the Diwali season, as e-commerce sales soared past ₹90,000 crore. The company’s research identifies five primary attack patterns targeting festival shoppers, including counterfeit travel portals, fake e-commerce websites, and QR code scams, all designed to exploit heightened online activity. The integration of AI enables cybercriminals to conduct highly personalized phishing attacks, posing serious risks as they leverage data from previous breaches. This alarming trend underscores the critical…

CISA warns of Windows vulnerability exploited in attacks, urges urgent patching.

CISA has issued an urgent advisory regarding a Microsoft Windows privilege escalation vulnerability, CVE-2021-43226, affecting various Windows versions, including Windows 10 and Windows 11. This vulnerability allows authenticated attackers to elevate their access to SYSTEM level by exploiting the Common Log File System Driver’s memory management flaws. With proof-of-concept exploit code already circulating in underground forums, the risk of active exploitation is heightened, prompting CISA to enforce a mandatory remediation deadline of October 27, 2025. Organizations are urged to prioritize pa…

Microsoft links GoAnywhere MFT exploitation to Medusa ransomware group attacks.

Microsoft has identified ongoing exploitation of a recently disclosed vulnerability in Fortra’s GoAnywhere MFT file transfer platform, attributing the attacks to the Storm-1175 group, a known affiliate of the Medusa ransomware operation. This exploitation, traced back to at least September 11, 2025, involved a zero-day vulnerability (CVE-2025-10035), leading to the deployment of remote monitoring tools and ultimately, the Medusa ransomware in compromised environments. Security experts emphasize the need for transparency from Fortra regarding how attackers gained access to private keys and the…

Zelensky reveals Western components in Russian drones and missiles used in attacks.

Ukrainian President Volodymyr Zelensky announced that recent Russian strikes on Ukraine utilized weapon systems containing over 102,000 foreign-made components, including parts from the United States, the UK, Germany, and other nations. During a massive attack on October 5, Russia reportedly deployed almost 500 drones and over 50 missiles, resulting in casualties and damage to infrastructure. Zelensky emphasized the need for increased sanctions against entities supplying these components, a sentiment echoed by the British government, which considers sanctions violations a serious offense. This…

OSINT Reveals PAF J-10CE Hard Landing, Not Crash, Amid Tensions

Recent Open Source Intelligence (OSINT) analysis has clarified that the Pakistan Air Force’s (PAF) J-10CE fighter jet incident at Sargodha on August 8, 2025, was a hard landing rather than a catastrophic crash, as initially speculated. Despite the dramatic video circulating online, which prompted theories of sabotage, the aircraft sustained structural damage yet remains repairable. This incident reflects the ongoing challenges faced by the PAF in integrating advanced Chinese technology with its legacy systems, particularly against the backdrop of an increasingly capable Indian Air Force (IAF)…

Trinity of Chaos ransomware group unveils data leak site, threatening companies.

The ransomware group Trinity of Chaos has launched a data leak site on the TOR network, exposing information from 39 global companies, including major firms like Google, FedEx, and Toyota. While the group claims to possess over 1.5 billion records, it has not conducted new attacks but has threatened Salesforce with further disclosures unless negotiations are successful. The leaked data, which includes personally identifiable information, raises concerns about the adequacy of cybersecurity measures within SaaS environments, particularly under the Shared Responsibility model. This escalation und…

Renault and Dacia report customer data breach from third-party supplier.

Renault and Dacia have confirmed a data breach involving customer information due to a cyber-attack on one of their third-party data providers. Although the breach did not affect Renault’s own systems, sensitive data such as names, contact details, and vehicle identification numbers were compromised. The company is actively notifying affected customers and working with the provider to address the situation, which has been described as an isolated incident. This incident is part of a concerning trend of cyber-attacks in the automotive sector, exemplified by a recent attack on Jaguar Land Rover…

Airtel wins contract to enhance cybersecurity for Indian Railways.

Airtel Business has been awarded a multi-year contract by the Indian Railway Security Operations Centre (IRSOC) to enhance cybersecurity for the Indian Railways, which operates over 13,000 trains and serves more than 20 million commuters daily. This initiative aims to protect critical data, including sensitive customer information and operational databases related to ticketing, train tracking, and freight management, amid escalating cyber threats. The establishment of a centralized Security Operations Centre will enable constant monitoring of railway assets and efficient response to cybersecur…

Oracle Issues Urgent Patch After Cl0p Exploits Critical CVE-2025-61882 Vulnerability

Oracle has confirmed that its E-Business Suite (EBS) has been targeted by the Cl0p ransomware group, exploiting a critical zero-day vulnerability tracked as CVE-2025-61882, which carries a CVSS score of 9.8. This flaw allows unauthenticated attackers to execute remote code, potentially compromising sensitive customer data. The breaches were initially revealed through extortion emails sent to various organizations, indicating that significant data was stolen as early as August 2025. Oracle’s Chief Security Officer, Rob Duhart, has assured that emergency patches have been released to address this…

Indian Govt Warns Chrome Users of Serious Security Vulnerabilities

The Indian Computer Emergency Response Team (CERT-In) has issued a significant security warning for Google Chrome users, affecting millions on Windows and macOS due to multiple vulnerabilities. The high-severity bulletin, dated October 3, 2025, outlines risks such as heap buffer overflow and inappropriate implementation, which could allow remote attackers to execute arbitrary code by persuading users to visit malicious websites. Users are advised to update their Chrome versions to at least 141.0.7390.54 to protect against these threats. This development underscores the importance of cybersecur…

Research Firms BIETA and CIII Linked to China's Cyber Operations

A recent report published on October 5, 2025, by Recorded Future has identified the Beijing Institute of Electronics Technology and Application (BIETA) and its subsidiary, Beijing Sanxin Times Technology Co., Ltd. (CIII), as front organizations highly likely affiliated with China’s Ministry of State Security (MSS). The report details that at least four personnel from BIETA have direct or possible links to MSS officers and the University of International Relations, which is known to have connections to the MSS. BIETA and CIII engage in research and development of technologies that bolster China…

Crimson Collective hacks Red Hat, threatens to release stolen data.

A hacker group known as the Crimson Collective has breached Red Hat, a leading open-source software vendor, claiming to have stolen sensitive information from over 28,000 code repositories. The group has threatened to release 570 GB of data, which includes critical engagement reports and customer network audits, unless a ransom is paid by October 10. Red Hat confirmed unauthorized access to its GitLab instance, affecting its consulting services and potentially compromising the data of major corporations like Walmart and American Express. This incident underscores the rising threat of cyber ext…

Hackers exploit AWS X-Ray, creating a sophisticated command-and-control framework.

A recent cybersecurity report reveals the emergence of XRayC2, a sophisticated command-and-control framework that exploits Amazon Web Services (AWS) X-Ray, transforming it from a performance monitoring tool into a vehicle for malicious activities. This innovative toolkit allows attackers to establish covert communication channels by blending malicious traffic with legitimate application data, significantly complicating detection efforts. Utilizing AWS’s infrastructure, the framework employs a three-phase communication process that encompasses beaconing, command delivery, and data exfiltratio…

US Army Flags “Very High Risk” in NGC2 Battlefield Network Developed by Palantir, Anduril

A September 2025 internal U.S. Army memo, seen by Reuters, has raised significant security concerns about the Next Generation Command and Control (NGC2) battlefield communications platform, developed by Palantir Technologies, Anduril Industries, Microsoft, and other partners. The memo, authored by Army Chief Technology Officer Gabrielle Chiulli, describes the NGC2 prototype as “very high risk,” citing fundamental security flaws such as uncontrolled user data access, lack of activity tracking, and unverified software security. It also notes that third-party applications hosted on the system con…

Chhattisgarh Police Bust China-Linked Cyber Fraud Network Using 500+ Mule Accounts

On Sunday, Chhattisgarh police achieved a breakthrough under Operation Cyber Shield, arresting four accused in Raipur in connection with a sprawling mule-account network orchestrated by Chinese nationals. The investigation uncovered transactions amounting to crores of rupees flowing through over 500 bank accounts, and revealed the suspects had cheated more than 500 victims across multiple Indian states. Raids were carried out at two sites—Gole Chowk (Dagania) and Katora Talab—and the syndicate’s fake offices were sealed. The accused ran fraudulent matrimonial websites such as erishtaa.co…

Research reveals major security flaws in popular Tile tracking devices.

Researchers from the Georgia Institute of Technology have identified significant vulnerabilities in Tile tracking devices, which are popular among consumers for locating personal belongings. The absence of encryption and the use of static MAC addresses make these devices susceptible to exploitation by malicious actors, raising serious privacy concerns. While Tile’s parent company, Life360, claims to have addressed these issues, critics, including the Electronic Frontier Foundation, argue that the company has inadequately responded to calls for improved security measures, unlike competitors lik…

CMMC Finalization: Implications for State, Local Governments, and Contractors

The recent finalization of the Cybersecurity Maturity Model Certification (CMMC) by the U.S. Department of Defense, effective November 10, 2025, imposes stringent cybersecurity standards on defense contractors, requiring assessments ranging from self-certification to third-party audits to protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). India’s defense sector is also stepping up its cybersecurity with the 2025 Security Manual for Licensed Defence Industries (SMLDI 2025) and new government mandates that emphasize biometric access controls, comprehensive employee…

AI models like Claude Sonnet 4.5 enhance security flaw detection rates significantly.

Recent advancements in AI, particularly with language models like Claude Sonnet 4.5, have shown promising results in identifying software vulnerabilities. Anthropic reports that Sonnet 4.5 improves vulnerability detection rates from 2% to 5%, successfully uncovering new flaws in over a third of tested projects. This enhancement was notably showcased during a DARPA AI Cyber Challenge, where teams utilized large language models to create “cyber reasoning systems” capable of analyzing millions of code lines for potential security issues. The development signifies a pivotal shift in cybersecurity…

WireTap attack threatens Intel SGX, risking sensitive data exfiltration.

A recently identified vulnerability known as the WireTap attack poses a significant threat to Intel’s Software Guard eXtensions (SGX), enabling attackers with physical access to extract sensitive data, including cryptographic keys, from server processors. Detailed in a research paper, this approach utilizes a low-cost tool to intercept data traffic between the CPU and memory, challenging the security foundations of SGX, especially in blockchain applications reliant on its technology for secure transactions. The implications are profound, as compromised SGX keys could allow malicious actors to…

AI and cybersecurity are vital for future policing strategies, asserts IGP Jammu.

Inspector General of Police (IGP) Jammu Zone, Bhim Sen Tuti, emphasized the critical role of Artificial Intelligence (AI) and cybersecurity in evolving policing strategies during a review meeting aimed at enhancing internal security and law enforcement in Jammu. The discussions, which precede the 60th All-India DGPs and IGPs Conference, scheduled for November in Chhattisgarh, focused on modernizing police infrastructure and adopting innovative approaches to counter emerging security threats. IGP Tuti called for synchronization among police units to boost operational efficiency, reflecting a co…

Data breach at Discord exposes user info and ID photos.

Discord has confirmed a data breach involving a third-party customer service provider that compromised identifiable user information from a limited number of users who had interacted with its support teams. The breach, which occurred on September 20, resulted in the unauthorized access of usernames, email addresses, last four digits of credit card numbers, and a small number of government-issued ID photos, although full credit card numbers and passwords remain secure. Hackers, motivated by financial gain, demanded a ransom from Discord in exchange for not leaking the stolen information, which…

Cyber attackers exploit Grafana flaw, emphasizing urgent patching needs.

A coordinated cyberattack exploiting the known Grafana vulnerability CVE-2021-43798 has resurfaced, with an alarming spike in exploitation attempts observed on September 28, 2025. Attackers primarily from Bangladesh, China, and Germany targeted systems internationally, including several critical infrastructure points, leveraging unpatched Grafana instances to execute directory traversal attacks and file disclosures. Despite patches being available since December 2021, many Grafana deployments remain vulnerable, exposing sensitive operational data and internal configurations. In India, Grafana…

Indian scientists simplify quantum randomness for enhanced digital security.

Indian researchers at the Raman Research Institute in Bengaluru, in collaboration with the Indian Institute of Science and the University of Calgary, have made a significant breakthrough in quantum security by developing a simplified method to generate truly random numbers using quantum computers. This approach uses a single qubit measured over time, eliminating the need for complex optical setups. Demonstrated on cloud-based quantum platforms like IBM’s superconducting-qubit system, the technique certifies randomness based on Leggett-Garg inequalities, ensuring unhackable digital security. Pu…