Cybersecurity and Information Warfare

KawaiiGPT: New AI Tool Empowers Hackers for Cyberattacks

KawaiiGPT, a free and open-source malicious AI tool, has emerged as a significant threat in the cybercrime landscape, enabling novice hackers to execute sophisticated cyberattacks with minimal technical expertise. Its capabilities include crafting convincing phishing emails, generating ransomware scripts, and facilitating data exfiltration, all while maintaining a user-friendly interface. The tool’s increasing popularity, evidenced by over 500 registered users, poses a challenge for cybersecurity defenses, which must now adapt to automated attacks that blur traditional indicators of malicious…

Microsoft alerts on security risks from new agentic AI features.

Microsoft has raised concerns regarding security risks associated with its new agentic AI capabilities in Windows, particularly through the introduction of the agent workspace feature which allows AI agents to operate in isolated environments. While these agents enhance user interaction by performing tasks autonomously, they also open up vulnerabilities such as cross-prompt injection attacks, which could lead to data breaches or malware installation. The company is addressing these risks with stringent security principles focused on non-repudiation, confidentiality, and authorization, ensuring…

China plans drone jamming to counter Starlink's advantage in Taiwan.

Chinese researchers are intensifying their efforts to counter SpaceX’s Starlink satellite constellation, perceived as a strategic advantage for Taiwan and its allies, particularly the U.S. Notably, studies indicate that Beijing is exploring the deployment of 1,000 to 2,000 drones equipped with jamming technology to disrupt Starlink’s communications, which are complex and resilient. While initial attempts at jamming have proven less effective, advancements in electronic warfare and plans for laser-equipped submarines reflect China’s determination to neutralize perceived threats. Simultaneously…

Indian Government Warns Chrome Users to Update for Security Risks

The Indian government has issued a significant security warning from the Indian Computer Emergency Response Team (CERT-In) advising Chrome users on Windows, Mac, and Linux systems of vulnerabilities that could be exploited by remote attackers. Specifically, users of Google Chrome versions prior to 142.0.7444.175/.176 for Windows, 142.0.7444.176 for Mac, and 142.0.7444.175 for Linux are urged to update their browsers immediately to mitigate the risk of arbitrary code execution. This alert underscores the ongoing cybersecurity challenges faced by users in India and emphasizes the importance of t…

Russian and North Korean hackers unite, escalating global cyber threats.

Recent reports indicate a concerning development in global cybersecurity, as Russian and North Korean hacking groups, Gamaredon and Lazarus, appear to be collaborating by sharing operational infrastructure. This alliance, marked by a shared IP address and mutual defense commitments between the two nations, raises alarms about a significant shift in cyber threat dynamics. Gamaredon, known for cyber espionage against Ukraine, and Lazarus, which has evolved towards financially motivated attacks, may represent the first documented case of Russian-North Korean cyber cooperation. The implications fo…

79% of travelers risk data theft using unsafe charging ports.

The UAE Cyber Security Council has issued a warning regarding the cybersecurity risks posed by untrusted public charging ports, revealing that 79% of travelers unknowingly expose their personal data to potential theft through juice jacking attacks. These incidents can lead to significant data breaches, with 68% of companies experiencing attacks via these charging stations. To mitigate risks, the Council recommends carrying personal chargers, avoiding public ports, and employing protective measures such as two-factor authentication and biometric logins. This initiative is part of the UAE’s broa…

Cyberattack campaign UNC2891 targets ATMs using advanced malware and tactics.

Cybersecurity experts from Group-IB have unveiled the sophisticated UNC2891 campaign, targeting ATMs through a blend of physical intrusion and advanced malware, including the CAKETAP rootkit. The group’s tactics involve the use of Raspberry Pi devices to breach bank infrastructures in Indonesia and a recruitment strategy for proxies to facilitate cash withdrawals. This multi-faceted attack underscores a worrying trend where high-profile ATM incidents are declining, yet threats persist due to evolving methods that marry technical expertise with operational strategy. The persistence and resource…

ENISA's Root Status Elevation Strengthens EU Cybersecurity Strategy

The European Union Agency for Cybersecurity (ENISA) has been elevated to Root status in the global CVE Program, marking a significant enhancement of its role in cybersecurity oversight across Europe. This designation allows ENISA to oversee and coordinate other CVE Numbering Authorities (CNAs), thereby streamlining vulnerability management and improving the EU’s response to cybersecurity threats. The shift aligns with broader EU initiatives such as the Cyber Resilience Act and NIS2 Directive, aimed at harmonizing cybersecurity practices. However, challenges remain, including the need for opera…

Beware of phishing scams posing as Microsoft password reset emails.

A new phishing scam targeting Microsoft users has emerged, with fraudsters sending fake password reset emails from a misleading domain, ‘rnicrosoft.com’. Cybersecurity experts warn that this tactic could lead to significant security breaches for unsuspecting victims. Users are advised to vigilantly check email addresses and links, and to navigate directly to Microsoft’s official website for any password resets. This incident underscores the critical need for heightened cybersecurity awareness and proactive measures to safeguard personal information in an increasingly digital world.

Harvard investigates data breach exposing alumni and faculty information due to phishing attack.

Harvard University is investigating a data breach that exposed personal contact information and donation details of alumni, donors, students, and faculty after a phone-based phishing attack. The breach occurred when an unauthorized party accessed the university’s Alumni Affairs and Development Office systems, although sensitive data such as Social Security numbers and financial account information were not involved. Harvard acted swiftly to secure its systems by removing the attacker’s access and has since engaged with cybersecurity experts and law enforcement to address the incident. This b…

Surge in 2.3 million cyberattacks targets Palo Alto VPN portals.

Security researchers at GreyNoise have detected a significant surge in cyberattacks targeting Palo Alto Networks GlobalProtect VPN portals, with approximately 2.3 million malicious sessions initiated since November 14, 2025. This coordinated assault, primarily originating from Germany, indicates a well-organized operation with distinct patterns suggesting ongoing threats. Notably, the attackers displayed a focus on various countries, including the United States and Pakistan. Experts warn that this aggressive scanning could precede actual exploitation of vulnerabilities, urging organizations us…

Clop ransomware exploits Oracle E-Business Suite zero-day vulnerability for breaches.

The Clop ransomware gang has claimed a significant breach of Oracle Corporation, exploiting a critical zero-day vulnerability (CVE-2025-61882) in the Oracle E-Business Suite, which affects versions 12.2.3 to 12.2.14. This vulnerability allows unauthenticated remote code execution, posing severe risks for organizations using unpatched systems, given its high CVSS score of 9.8. Clop has reportedly targeted several high-profile companies, threatening to publicly release sensitive data unless ransoms are paid. This incident underscores the alarming trend of ransomware attacks exploiting critical s…

Udupi police arrest two for leaking shipyard data to Pakistan.

In a significant security breach, two employees of the Cochin Shipyard, identified as Rohit (29) and Santri (37) from Uttar Pradesh, were arrested by Udupi district police for allegedly leaking sensitive maritime data to Pakistani contacts via WhatsApp over an 18-month period. This confidential information included critical details about ship construction and specific vessel information, likely compromising the national security and sovereignty of India. The investigation, initiated after a formal complaint from the shipyard’s CEO, has raised concerns regarding a potential wider espionage netw…

India Alerts Zoom Users of Security Risks on All Platforms

The Indian Computer Emergency Response Team (CERT-In) has issued a security alert for vulnerabilities in Zoom applications across multiple platforms, including Windows, macOS, Android, and iOS, as of November 14, 2025. These critical flaws could allow hackers to bypass security measures, potentially leading to unauthorized data access and execution of malicious code. CERT-In has urged users to promptly update to the latest Zoom versions following the release of specific patches addressing these issues. Security experts highlight that despite no reports of active exploitation, the potential for…

Windows Graphics flaw allows control via malicious JPEG images.

A critical remote code execution vulnerability in Microsoft’s Windows Graphics Component, designated CVE-2025-50165, allows attackers to take control of systems using specially crafted JPEG images, rated with a CVSS score of 9.8. This flaw, discovered in May 2025 and patched in August 2025, affects several Windows versions, including Windows Server 2025 and Windows 11 Version 24H2, with unpatched systems at high risk for exploitation in phishing campaigns or ransomware attacks. The vulnerability stems from an untrusted pointer dereference in the windowscodecs.dll library, enabling arbitrary…

CERT-In Warns of Critical Windows 10/11 Security Vulnerability

CERT-In, India’s cybersecurity agency, has issued a high-severity warning regarding a significant security flaw affecting multiple versions of Windows 10 and Windows 11, including some recent builds. This vulnerability, stemming from a race condition within the Windows kernel, allows attackers with low-level access to escalate their privileges to full system administrator rights, posing risks to data integrity and system stability. Microsoft has promptly released security patches to address this issue, emphasizing the importance of regular updates. The incident underscores the critical need fo…

CISA orders urgent fixes for critical Fortinet vulnerability in agencies.

CISA has mandated U.S. government agencies to address a critical vulnerability, CVE-2025-58034, in Fortinet’s FortiWeb web application firewall. This OS command injection flaw permits authenticated attackers to execute root-level code, posing significant risks to federal systems. Agencies have been given a tight deadline until November 25 to secure their systems, following the identification of this vulnerability in the context of rising cyber threats, including a recent attack linked to a Chinese hacking group. The urgency is underscored by the inclusion of this flaw in CISA’s Known Exploited…

CERT-In warns Asus DSL routers vulnerable to cyber threats; update firmware now.

The Indian Computer Emergency Response Team (CERT-In) has issued a critical alert for users of select Asus DSL-series Wi-Fi routers, highlighting a significant authentication bypass vulnerability (CVE-2025-59367) that can be exploited remotely, risking the security of entire networks. This flaw affects popular models such as Asus DSL-AC51, DSL-N16, and DSL-AC750, commonly used in homes and small offices across India. Users are urged to update their router firmware, change default passwords, and monitor network activity to mitigate potential cyber threats. This warning underscores a growing tre…

Nation-state actors merge cyber warfare with physical attacks, raising security concerns.

Recent findings by Amazon Threat Intelligence reveal a concerning trend of nation-state actors integrating cyber warfare with kinetic operations, termed “cyber-enabled kinetic targeting.” The analysis highlights two case studies involving Iranian cyber groups—Imperial Kitten and MuddyWater—that demonstrate how cyber reconnaissance is used to facilitate physical attacks, such as maritime strikes and missile launches. This evolution blurs the lines between digital and physical warfare, urging defenders to re-evaluate cybersecurity strategies and enhance intelligence sharing across sectors. T…

Operation WrtHug compromises 50,000 outdated ASUS routers globally through six security flaws.

A newly identified cyber campaign, codenamed Operation WrtHug, has compromised over 50,000 outdated ASUS WRT routers globally, primarily affecting regions such as Taiwan, the U.S., and Russia. The operation exploits six known security vulnerabilities, enabling attackers to gain control of these devices through the ASUS AiCloud service. SecurityScorecard reports similarities to China-linked botnet activities, suggesting possible links to known Chinese hacking groups. This incident underscores the increasing trend of malicious actors targeting network devices for mass infection, raising concerns…

Logitech confirms data breach; no sensitive info compromised, possibly linked to Clop gang.

Logitech has confirmed a data breach involving the unauthorized exfiltration of data, reportedly by the Russia-linked ransomware group Clop, which claims to have stolen approximately 1.8TB of files. The company asserts that no sensitive or customer-related information was compromised, as sensitive details such as national ID numbers and credit card data were not stored on the affected systems. The breach is believed to have exploited a zero-day vulnerability in a third-party software platform, which has since been patched. This incident raises significant concerns regarding cybersecurity, espe…

US report reveals China's disinformation campaign against Rafale jets.

A recent report by the US-China Economic and Security Review Commission has revealed that China orchestrated a disinformation campaign aimed at discrediting the French Rafale fighter jets following the May 2025 India-Pakistan border crisis. The campaign, which sought to promote China’s J-35 aircraft, involved the use of fake social media accounts to disseminate false narratives and AI-generated images claiming Rafale aircraft debris was caused by Chinese weapons. This misinformation effort was reportedly amplified by actors from both China and Pakistan, with Chinese embassies globally tasked to…

US Report: China Launches Disinformation Against Rafale Amid Operation Sindoor.

A US Congress advisory body has accused China of orchestrating a disinformation campaign aimed at undermining the market position of the French Rafale aircraft in favor of its J-35 jets, coinciding with India’s Operation Sindoor. This campaign involved the use of fake social media accounts to disseminate AI-generated images purporting to show debris from aircraft allegedly destroyed by Chinese weaponry. The report underscores the asymmetry in India-China negotiations over border issues, highlighting India’s increasing recognition of the threats posed by China. It also notes the recent stabiliz…

Cloudflare outage disrupts major platforms; users face access challenges.

A major outage affecting Cloudflare’s services caused significant disruptions across various high-profile platforms, including OpenAI’s ChatGPT, Spotify, and X (formerly Twitter), among others. The technical failure, which began around 11 AM UTC, resulted in widespread 500 errors, preventing users from accessing affected websites and applications. Cloudflare confirmed that the issue stemmed from a bug in their server infrastructure, rather than a cyberattack, and stated that they were actively investigating the problem and implementing fixes. Despite some signs of recovery, users were warned t…

UK Unveils Cybersecurity Bill to Combat Rising Digital Threats

The UK government is set to introduce the Cyber Security and Resilience Bill, aimed at enhancing national defenses against increasing digital threats from state-backed adversaries and criminal groups. This legislation, which has been in development for over a year, targets essential sectors such as health care, energy, and transportation, mandating direct cybersecurity regulations for service vendors, including those associated with the NHS. With significant cyberattacks causing an estimated £14.7 billion in economic damage annually, the bill addresses a sharp rise in such incidents, undersco…