Cybersecurity and Information Warfare

Crimson Collective hacks Red Hat, threatens to release stolen data.

A hacker group known as the Crimson Collective has breached Red Hat, a leading open-source software vendor, claiming to have stolen sensitive information from over 28,000 code repositories. The group has threatened to release 570 GB of data, which includes critical engagement reports and customer network audits, unless a ransom is paid by October 10. Red Hat confirmed unauthorized access to its GitLab instance, affecting its consulting services and potentially compromising the data of major corporations like Walmart and American Express. This incident underscores the rising threat of cyber ext…

Hackers exploit AWS X-Ray, creating a sophisticated command-and-control framework.

A recent cybersecurity report reveals the emergence of XRayC2, a sophisticated command-and-control framework that exploits Amazon Web Services (AWS) X-Ray, transforming it from a performance monitoring tool into a vehicle for malicious activities. This innovative toolkit allows attackers to establish covert communication channels by blending malicious traffic with legitimate application data, significantly complicating detection efforts. Utilizing AWS’s infrastructure, the framework employs a three-phase communication process that encompasses beaconing, command delivery, and data exfiltratio…

US Army Flags “Very High Risk” in NGC2 Battlefield Network Developed by Palantir, Anduril

A September 2025 internal U.S. Army memo, seen by Reuters, has raised significant security concerns about the Next Generation Command and Control (NGC2) battlefield communications platform, developed by Palantir Technologies, Anduril Industries, Microsoft, and other partners. The memo, authored by Army Chief Technology Officer Gabrielle Chiulli, describes the NGC2 prototype as “very high risk,” citing fundamental security flaws such as uncontrolled user data access, lack of activity tracking, and unverified software security. It also notes that third-party applications hosted on the system con…

Chhattisgarh Police Bust China-Linked Cyber Fraud Network Using 500+ Mule Accounts

On Sunday, Chhattisgarh police achieved a breakthrough under Operation Cyber Shield, arresting four accused in Raipur in connection with a sprawling mule-account network orchestrated by Chinese nationals. The investigation uncovered transactions amounting to crores of rupees flowing through over 500 bank accounts, and revealed the suspects had cheated more than 500 victims across multiple Indian states. Raids were carried out at two sites—Gole Chowk (Dagania) and Katora Talab—and the syndicate’s fake offices were sealed. The accused ran fraudulent matrimonial websites such as erishtaa.co…

Research reveals major security flaws in popular Tile tracking devices.

Researchers from the Georgia Institute of Technology have identified significant vulnerabilities in Tile tracking devices, which are popular among consumers for locating personal belongings. The absence of encryption and the use of static MAC addresses make these devices susceptible to exploitation by malicious actors, raising serious privacy concerns. While Tile’s parent company, Life360, claims to have addressed these issues, critics, including the Electronic Frontier Foundation, argue that the company has inadequately responded to calls for improved security measures, unlike competitors lik…

CMMC Finalization: Implications for State, Local Governments, and Contractors

The recent finalization of the Cybersecurity Maturity Model Certification (CMMC) by the U.S. Department of Defense, effective November 10, 2025, imposes stringent cybersecurity standards on defense contractors, requiring assessments from self-certification to third-party audits to protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). India’s defense sector is also stepping up its cybersecurity with the 2025 Security Manual for Licensed Defence Industries (SMLDI 2025) and new government mandates that emphasize biometric access controls, comprehensive employee…

AI models like Claude Sonnet 4.5 enhance security flaw detection rates significantly.

Recent advancements in AI, particularly with language models like Claude Sonnet 4.5, have shown promising results in identifying software vulnerabilities. Anthropic reports that Sonnet 4.5 improves vulnerability detection rates from 2% to 5%, successfully uncovering new flaws in over a third of tested projects. This enhancement was notably showcased during a DARPA AI Cyber Challenge, where teams utilized large language models to create “cyber reasoning systems” capable of analyzing millions of code lines for potential security issues. The development signifies a pivotal shift in cybersecurity…

WireTap attack threatens Intel SGX, risking sensitive data exfiltration.

A recently identified vulnerability known as the WireTap attack poses a significant threat to Intel’s Software Guard eXtensions (SGX), enabling attackers with physical access to extract sensitive data, including cryptographic keys, from server processors. Detailed in a research paper, this approach utilizes a low-cost tool to intercept data traffic between the CPU and memory, challenging the security foundations of SGX, especially in blockchain applications reliant on its technology for secure transactions. The implications are profound, as compromised SGX keys could allow malicious actors to…

AI and cybersecurity are vital for future policing strategies, asserts IGP Jammu.

Inspector General of Police (IGP) Jammu Zone, Bhim Sen Tuti, emphasized the critical role of Artificial Intelligence (AI) and cybersecurity in evolving policing strategies during a review meeting aimed at enhancing internal security and law enforcement in Jammu. The discussions, which precede the 60th All-India DGPs and IGPs Conference, scheduled for November in Chhattisgarh, focused on modernizing police infrastructure and adopting innovative approaches to counter emerging security threats. IGP Tuti called for synchronization among police units to boost operational efficiency, reflecting a co…

Data breach at Discord exposes user info and ID photos.

Discord has confirmed a data breach involving a third-party customer service provider that compromised identifiable user information from a limited number of users who had interacted with its support teams. The breach, which occurred on September 20, resulted in the unauthorized access of usernames, email addresses, last four digits of credit card numbers, and a small number of government-issued ID photos, although full credit card numbers and passwords remain secure. Hackers, motivated by financial gain, demanded a ransom from Discord in exchange for not leaking the stolen information, which…

Cyber attackers exploit Grafana flaw, emphasizing urgent patching needs.

A coordinated cyberattack exploiting the known Grafana vulnerability CVE-2021-43798 has resurfaced, with an alarming spike in exploitation attempts observed on September 28, 2025. Attackers primarily from Bangladesh, China, and Germany targeted systems internationally, including several critical infrastructure points, leveraging unpatched Grafana instances to execute directory traversal attacks and file disclosures. Despite patches being available since December 2021, many Grafana deployments remain vulnerable, exposing sensitive operational data and internal configurations. In India, Grafana…

Indian scientists simplify quantum randomness for enhanced digital security.

Indian researchers at the Raman Research Institute in Bengaluru, in collaboration with the Indian Institute of Science and the University of Calgary, have made a significant breakthrough in quantum security by developing a simplified method to generate truly random numbers using quantum computers. This approach uses a single qubit measured over time, eliminating the need for complex optical setups. Demonstrated on cloud-based quantum platforms like IBM’s superconducting-qubit system, the technique certifies randomness based on Leggett-Garg inequalities, ensuring unhackable digital security. Pu…

US government shutdown raises cybersecurity concerns with CISA expiration.

The recent expiration of the Cybersecurity Information Sharing Act of 2015 (CISA 2015) amidst a U.S. government shutdown has raised significant concerns within the private sector regarding cyber threat coordination. This critical legislation, which facilitates information sharing between private entities and government, has been instrumental in enhancing cybersecurity protections. The inability of lawmakers to reach a consensus on renewing or modifying the Act places the U.S. in a more vulnerable cyber environment, as emphasized by industry coalitions that argue the lapse could lead to increas…

Scanning activity on Palo Alto Networks portals surged 500% amid rising cyber threats.

Threat intelligence firm GreyNoise has reported a staggering 500% increase in scanning activity targeting Palo Alto Networks login portals on October 3, 2025, with approximately 1,300 unique IP addresses involved, predominantly from the U.S. This surge is reminiscent of a similar spike in scanning activity related to Cisco Adaptive Security Appliances, raising concerns about potential exploits and recent vulnerabilities. The overlap in the fingerprinting of the scanning tools suggests a coordinated effort, reinforcing the need for organizations to maintain updated software versions to mitigate…

Hackers claim to have stolen 1 billion Salesforce records via UK retailer attacks.

Cybercriminals linked to recent ransomware attacks on British retailers have claimed to have stolen nearly one billion records from Salesforce, targeting companies that utilize its cloud services. The hack was reportedly executed using voice phishing (vishing) tactics aimed at Salesforce clients, rather than hacking Salesforce directly. The group, called Scattered LAPSUS$ Hunters, has claimed responsibility for breaching around 40 organizations, including major retailers like Marks & Spencer and Jaguar Land Rover, and has launched a dark web site disclosing their alleged victims. Salesforce ha…

Tenable reveals Gemini AI flaws risking data theft for millions.

Tenable has identified critical vulnerabilities, collectively termed the Gemini Trifecta, in Google’s Gemini suite, potentially allowing hackers to steal sensitive user data unnoticed. These flaws, now remediated, enabled attackers to manipulate logs, search histories, and use the browsing tool to exfiltrate information like location data. The vulnerabilities underscore the necessity for organizations to treat AI-driven features as active attack surfaces, emphasizing the need for robust security measures in AI environments. The incident highlights the evolving security landscape where AI platf…

New phishing toolkit enhances cyber threats; businesses must adopt AI security measures.

A new phishing toolkit named Impact Solutions has emerged on underground cybercrime forums, enabling lower-skilled hackers to conduct sophisticated attacks with ease. The toolkit, which surfaced around October 1, 2025, is designed as an all-in-one platform that allows cybercriminals to craft convincing malicious files using social engineering tactics, such as weaponized shortcuts, HTML pages, and SVG images, to bypass traditional security filters. It boasts evasion techniques like UAC bypass and anti-virtual machine checks, making it formidable against antivirus systems. Impact Solutions facil…

Kochi to host c0c0n 2025 cybersecurity conference on October 10-11.

Kochi will host c0c0n 2025, a prominent cybersecurity conference on October 10-11, focusing on critical areas like digital forensics, cross-border cybercrime collaboration, and legal frameworks. The event will gather around 3,000 participants, including law enforcement officials from across India and representatives from agencies such as the NIA, CBI, and R&AW. Attendees will engage in hands-on exposure to the latest cybersecurity technologies and trends, with an exhibition showcasing innovative tools and platforms in the industry. This conference underscores India’s commitment to enhancing it…

CERT-In Warns Apple Users of iPhone and iPad Security Flaw

India’s cybersecurity watchdog, CERT-In, has issued a warning to Apple users regarding a newly discovered security vulnerability impacting various devices, including iPhones and iPads. This flaw, classified as medium severity, is linked to the FontParser component, allowing potential attackers to exploit devices through maliciously crafted fonts, which could lead to crashes or system instability. CERT-In advises users to update their devices to the latest software versions to mitigate risks and emphasizes the importance of avoiding files from untrusted sources. This warning underscores the ong…

Chandigarh Police promotes cyber security awareness during Dasehra celebrations.

In Chandigarh, the Cyber Crime Police Station conducted an awareness campaign during Dasehra celebrations as part of the National Cyber Security Awareness Month. Led by SHO Eram Rizvi, the initiative aimed to educate citizens about safe digital practices and the increasing threat of online fraud, highlighting scams such as digital arrest frauds, phishing, OTP-based financial crimes, fake investment schemes, impersonation, and fraudulent customer care helplines. This proactive approach underscores the importance of cybersecurity awareness in safeguarding individuals against sophisticated online…

CISA urges federal agencies to fix Cisco vulnerabilities from zero-day attacks.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive for federal agencies to address vulnerabilities in Cisco systems that have been exploited in recent zero-day attacks. This advisory highlights critical flaws associated with CVE-2025-20362, CVE-2025-20333, and CVE-2025-20352, underscoring the urgency for government entities to implement the necessary patches to mitigate potential risks. The exploitation of these vulnerabilities poses significant threats to national security and infrastructure, emphasizing the need for robust cybersecurity measures. This developm…

New phishing kit simplifies attacks, bypassing security and user awareness.

A new phishing kit has emerged, allowing cybercriminals to execute sophisticated attacks with minimal technical skills. This point-and-click toolkit features an intuitive interface enabling attackers to customize lures and deploy malicious payloads through seemingly harmless documents. The kit employs advanced evasion techniques, such as dynamic content injection and memory-based execution, circumventing traditional security measures. As a result, it significantly increases the risk to users, highlighting the urgent need for enhanced cybersecurity awareness and proactive monitoring by organiza…

Google alerts firms about extortion emails targeting top executives related to ransomware threats.

Google has issued a warning to firms worldwide about a large-scale extortion campaign targeting top executives, claiming stolen data from Oracle’s widely used E-Business Suite. Starting late September 2025, hackers linked to the cl0p ransomware gang have sent highly personalised emails threatening to leak sensitive corporate information unless substantial ransoms—sometimes as high as $50 million—are paid in cryptocurrency. Oracle has confirmed that its customers have received such extortion emails and is working closely with Google’s Mandiant cybersecurity team to investigate. Although d…

Signal Launches SPQR Hybrid Ratchet to Enhance Cryptographic Security

Signal has launched the Sparse Post Quantum Ratchet (SPQR), enhancing its cryptographic security amid rising quantum computing threats. This innovative Triple Ratchet protocol integrates the existing Double Ratchet with SPQR, ensuring user messages are safeguarded against both current and future quantum attacks. The protocol maintains core security principles like forward secrecy and post-compromise security, effectively addressing concerns about potential harvest-now-decrypt-later strategies. Seamlessly implemented without user disruption, the development is backed by rigorous academic collab…

Asahi beer shortages in Japan due to prolonged cyberattack disruption.

Japanese restaurants, bars, and stores are experiencing a significant shortage of beverages from Asahi Group due to an ongoing cyberattack that has disrupted operations for over five days. The company, known for its Super Dry beer, has suspended order processing and shipping, resulting in a shift to manual order-taking to prioritize outgoing shipments of food and soft drinks. Asahi has confirmed it was the victim of a ransomware attack and is working with specialists to restore its systems, but a full recovery timeline remains uncertain. This incident highlights vulnerabilities in cybersecurit…