Cybersecurity and Information Warfare

IIT Kanpur to enhance Army cyber defense training through partnership.

The Indian Army’s Central Command has partnered with IIT Kanpur’s C3iHub to enhance its cybersecurity capabilities through a new Memorandum of Understanding. This initiative aims to provide structured training to Army personnel in advanced cyber defence strategies, focusing on emerging threats and incident response frameworks essential for securing military networks. The training modules, developed by C3iHub, will expose personnel to global best practices in cyber defence, thereby strengthening the Army’s operational readiness in the digital …

Shai-Hulud v2 supply chain attack spreads to Maven, exposing thousands.

The Shai-Hulud v2 supply chain attack has expanded to the Maven ecosystem, compromising over 830 npm packages and embedding malicious components in the org.mvnpm:posthog-node:4.18.1 package. This iteration is more stealthy and destructive, allowing attackers to gain unauthorized access to developer accounts and publish trojanized packages, affecting over 28,000 repositories. By exploiting CI misconfigurations, the malware amplifies its impact, leveraging a single compromised account to spread rapidly. Experts warn that this attack underscores vulnerabilities in the …

AI Tools Are Empowering State-Sponsored Cybercriminals, Raising Security Concerns.

A recent report by Anthropic detailed a sophisticated cyber-espionage scheme believed to be backed by the Chinese government, employing AI tools like Claude Code to automate hacking tasks. This operation highlights a troubling trend where generative AI is being exploited by state-sponsored hackers and criminal networks to enhance their cyber capabilities, creating a digital arms race. As AI models can quickly identify and exploit vulnerabilities, they pose a significant threat to cybersecurity, potentially granting criminals …

DoT warns SIM card users about legal consequences of misuse.

The Department of Telecom (DoT) has issued a crucial advisory warning mobile subscribers about potential legal repercussions if their registered SIM cards are misused for illegal activities, such as fraud or impersonation. This advisory comes amid rising instances of cybercrime facilitated by SIM cards acquired through fraudulent means or borrowed from unwitting individuals. The DoT emphasizes the importance of vigilance regarding devices linked to one’s identity and outlines strict legal penalties, including imprisonment and substantial …

CISA warns of advanced spyware threats targeting secure messaging apps.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about sophisticated spyware attacks targeting messaging applications, particularly those used by senior government officials, military leaders, and civil society executives. Cyber actors have employed advanced techniques, such as zero-click malware and fraudulent app upgrades, to gain unauthorized access to victims’ devices, thereby compromising sensitive information. CISA’s alert underscores the growing concerns over the prevalence of such attacks, particularly against encrypted messaging services like Signal. …

KawaiiGPT: New AI Tool Empowers Hackers for Cyberattacks

KawaiiGPT, a free and open-source malicious AI tool, has emerged as a significant threat in the cybercrime landscape, enabling novice hackers to execute sophisticated cyberattacks with minimal technical expertise. Its capabilities include crafting convincing phishing emails, generating ransomware scripts, and facilitating data exfiltration, all while maintaining a user-friendly interface. The tool’s increasing popularity, evidenced by over 500 registered users, poses a challenge for cybersecurity defenses, which must now adapt to automated attacks that blur traditional …

Microsoft alerts on security risks from new agentic AI features.

Microsoft has raised concerns regarding security risks associated with its new agentic AI capabilities in Windows, particularly through the introduction of the agent workspace feature which allows AI agents to operate in isolated environments. While these agents enhance user interaction by performing tasks autonomously, they also open up vulnerabilities such as cross-prompt injection attacks, which could lead to data breaches or malware installation. The company is addressing these risks with stringent security principles focused on …

China plans drone jamming to counter Starlink's advantage in Taiwan.

Chinese researchers are intensifying their efforts to counter SpaceX’s Starlink satellite constellation, perceived as a strategic advantage for Taiwan and its allies, particularly the U.S. Notably, studies indicate that Beijing is exploring the deployment of 1,000 to 2,000 drones equipped with jamming technology to disrupt Starlink’s communications, which are complex and resilient. While initial attempts at jamming have proven less effective, advancements in electronic warfare and plans for laser-equipped submarines reflect China’s determination to neutralize …

Indian Government Warns Chrome Users to Update for Security Risks

The Indian government, through the Indian Computer Emergency Response Team (CERT-In), has issued a significant security warning advising Chrome users on Windows, Mac, and Linux systems of vulnerabilities that could be exploited by remote attackers. Specifically, users of Google Chrome versions prior to 142.0.7444.175/.176 for Windows, 142.0.7444.176 for Mac, and 142.0.7444.175 for Linux are urged to update their browsers immediately to mitigate the risk of arbitrary code execution. This alert underscores the ongoing cybersecurity challenges …

Russian and North Korean hackers unite, escalating global cyber threats.

Recent reports indicate a concerning development in global cybersecurity, as Russian and North Korean hacking groups, Gamaredon and Lazarus, appear to be collaborating by sharing operational infrastructure. This alliance, marked by a shared IP address and mutual defense commitments between the two nations, raises alarms about a significant shift in cyber threat dynamics. Gamaredon, known for cyber espionage against Ukraine, and Lazarus, which has evolved towards financially motivated attacks, may represent the first documented case …

79% of travelers risk data theft using unsafe charging ports.

The UAE Cyber Security Council has issued a warning regarding the cybersecurity risks posed by untrusted public charging ports, revealing that 79% of travelers unknowingly expose their personal data to potential theft through juice jacking attacks. These incidents can lead to significant data breaches, with 68% of companies experiencing attacks via these charging stations. To mitigate risks, the Council recommends carrying personal chargers, avoiding public ports, and employing protective measures such as two-factor authentication and …

Cyberattack campaign UNC2891 targets ATMs using advanced malware and tactics.

Cybersecurity experts from Group-IB have unveiled the sophisticated UNC2891 campaign, targeting ATMs through a blend of physical intrusion and advanced malware, including the CAKETAP rootkit. The group’s tactics involve the use of Raspberry Pi devices to breach bank infrastructures in Indonesia and a recruitment strategy for proxies to facilitate cash withdrawals. This multi-faceted attack underscores a worrying trend where high-profile ATM incidents are declining, yet threats persist due to evolving methods that marry technical expertise …

ENISA's Root Status Elevation Strengthens EU Cybersecurity Strategy

The European Union Agency for Cybersecurity (ENISA) has been elevated to Root status in the global CVE Program, marking a significant enhancement of its role in cybersecurity oversight across Europe. This designation allows ENISA to oversee and coordinate other CVE Numbering Authorities (CNAs), thereby streamlining vulnerability management and improving the EU’s response to cybersecurity threats. The shift aligns with broader EU initiatives such as the Cyber Resilience Act and NIS2 Directive, aimed at harmonizing cybersecurity …

Beware of phishing scams posing as Microsoft password reset emails.

A new phishing scam targeting Microsoft users has emerged, with fraudsters sending fake password reset emails from a misleading domain, ‘rnicrosoft.com’. Cybersecurity experts warn that this tactic could lead to significant security breaches for unsuspecting victims. Users are advised to vigilantly check email addresses and links, and to navigate directly to Microsoft’s official website for any password resets. This incident underscores the critical need for heightened cybersecurity awareness and proactive measures to safeguard personal information …

Harvard investigates data breach exposing alumni and faculty information due to phishing attack.

Harvard University is investigating a data breach that exposed personal contact information and donation details of alumni, donors, students, and faculty after a phone-based phishing attack. The breach occurred when an unauthorized party accessed the university’s Alumni Affairs and Development Office systems, although sensitive data such as Social Security numbers and financial account information were not involved. Harvard acted swiftly to secure its systems by removing the attacker’s access and has since engaged with cybersecurity …

Surge in 2.3 million cyberattacks targets Palo Alto VPN portals.

Security researchers at GreyNoise have detected a significant surge in cyberattacks targeting Palo Alto Networks GlobalProtect VPN portals, with approximately 2.3 million malicious sessions initiated since November 14, 2025. This coordinated assault, primarily originating from Germany, indicates a well-organized operation with distinct patterns suggesting ongoing threats. Notably, the attackers displayed a focus on various countries, including the United States and Pakistan. Experts warn that this aggressive scanning could precede actual exploitation of vulnerabilities, urging organizations …

Clop ransomware exploits Oracle E-Business Suite zero-day vulnerability for breaches.

The Clop ransomware gang has claimed a significant breach of Oracle Corporation, exploiting a critical zero-day vulnerability (CVE-2025-61882) in the Oracle E-Business Suite, which affects versions 12.2.3 to 12.2.14. This vulnerability allows unauthenticated remote code execution, posing severe risks for organizations using unpatched systems, given its high CVSS score of 9.8. Clop has reportedly targeted several high-profile companies, threatening to publicly release sensitive data unless ransoms are paid. This incident underscores the alarming trend of …

Udupi police arrest two for leaking shipyard data to Pakistan.

In a significant security breach, two employees of the Cochin Shipyard, identified as Rohit (29) and Santri (37) from Uttar Pradesh, were arrested by Udupi district police for allegedly leaking sensitive maritime data to Pakistani contacts via WhatsApp over an 18-month period. This confidential information included critical details about ship construction and specific vessel information, likely compromising the national security and sovereignty of India. The investigation, initiated after a formal complaint from the shipyard’s CEO, …

India Alerts Zoom Users of Security Risks on All Platforms

The Indian Computer Emergency Response Team (CERT-In) has issued a security alert for vulnerabilities in Zoom applications across multiple platforms, including Windows, macOS, Android, and iOS, as of November 14, 2025. These critical flaws could allow hackers to bypass security measures, potentially leading to unauthorized data access and execution of malicious code. CERT-In has urged users to promptly update to the latest Zoom versions following the release of specific patches addressing these issues. Security experts …

Windows Graphics flaw allows control via malicious JPEG images.

A critical remote code execution vulnerability in Microsoft’s Windows Graphics Component, designated CVE-2025-50165, allows attackers to take control of systems using specially crafted JPEG images, rated with a CVSS score of 9.8. This flaw, discovered in May 2025 and patched in August 2025, affects several Windows versions, including Windows Server 2025 and Windows 11 Version 24H2, with unpatched systems at high risk for exploitation in phishing campaigns or ransomware attacks. The vulnerability stems from an …

CERT-In Warns of Critical Windows 10/11 Security Vulnerability

CERT-In, India’s cybersecurity agency, has issued a high-severity warning regarding a significant security flaw affecting multiple versions of Windows 10 and Windows 11, including some recent builds. This vulnerability, stemming from a race condition within the Windows kernel, allows attackers with low-level access to escalate their privileges to full system administrator rights, posing risks to data integrity and system stability. Microsoft has promptly released security patches to address this issue, emphasizing the importance of regular …

CISA orders urgent fixes for critical Fortinet vulnerability in agencies.

CISA has ordered U.S. government agencies to address a critical vulnerability, CVE-2025-58034, in Fortinet’s FortiWeb web application firewall. This OS command injection flaw permits authenticated attackers to execute root-level code, posing significant risks to federal systems. Agencies have been given a tight deadline of November 25 to secure their systems, following the identification of this vulnerability in the context of rising cyber threats, including a recent attack linked to a Chinese hacking group. The urgency …

CERT-In warns Asus DSL routers vulnerable to cyber threats; update firmware now.

The Indian Computer Emergency Response Team (CERT-In) has issued a critical alert for users of select Asus DSL-series Wi-Fi routers, highlighting a significant authentication bypass vulnerability (CVE-2025-59367) that can be exploited remotely, risking the security of entire networks. This flaw affects popular models such as Asus DSL-AC51, DSL-N16, and DSL-AC750, commonly used in homes and small offices across India. Users are urged to update their router firmware, change default passwords, and monitor network activity to …

Nation-state actors merge cyber warfare with physical attacks, raising security concerns.

Recent findings by Amazon Threat Intelligence reveal a concerning trend of nation-state actors integrating cyber warfare with kinetic operations, termed “cyber-enabled kinetic targeting.” The analysis highlights two case studies involving Iranian cyber groups—Imperial Kitten and MuddyWater—that demonstrate how cyber reconnaissance is used to facilitate physical attacks, such as maritime strikes and missile launches. This evolution blurs the lines between digital and physical warfare, urging defenders to re-evaluate cybersecurity strategies and enhance intelligence sharing across sectors. …

Operation WrtHug compromises 50,000 outdated ASUS routers globally through six security flaws.

A newly identified cyber campaign, codenamed Operation WrtHug, has compromised over 50,000 outdated ASUS WRT routers globally, primarily affecting regions such as Taiwan, the U.S., and Russia. The operation exploits six known security vulnerabilities, enabling attackers to gain control of these devices through the ASUS AiCloud service. SecurityScorecard reports similarities to China-linked botnet activities, suggesting possible links to known Chinese hacking groups. This incident underscores the increasing trend of malicious actors targeting network devices for …
