Cybersecurity and Information Warfare

European airports tackle check-in disruptions from cyberattack

Major European airports, including London’s Heathrow, Berlin, and Brussels, faced significant disruptions due to a cyberattack targeting Collins Aerospace’s check-in and boarding systems, impacting flight operations on Saturday. Passengers experienced long queues and numerous cancellations as airports scrambled to restore normalcy by implementing manual workarounds. The incident, classified as a cyber-related disruption, underscores the vulnerability of critical infrastructure to hacking threats, mirroring recent breaches in other sectors like automotive and retail. As investigations ensue, the…

Cyberattack Disrupts Major European Airports, Flights Delayed

A cyberattack targeting a third-party service provider has disrupted operations at major European airports, including London’s Heathrow, Brussels, and Berlin, leading to numerous flight delays and cancellations. The incident affected automated check-in and boarding systems, compelling airlines to revert to manual processes. Brussels Airport reported that by Saturday morning, ten flights were canceled and 17 delayed by over an hour. Collins Aerospace, the affected service provider, acknowledged a “cyber-related disruption” and is actively working to restore functionality. This incident unders…

Indian Army Adapts to Non-Contact Warfare with Cyber and Precision Focus

The Indian Army is transitioning to a new era of non-contact warfare, emphasizing the importance of cyber capabilities, space assets, and precision strikes, according to Lt Gen Adosh Kumar, Director General, Artillery. During the Gen S F Rodrigues Memorial Seminar, he highlighted that modern conflicts rely on remote surveillance and autonomous systems to engage adversaries while minimizing risk to personnel. Notably, the success of Operation Sindoor demonstrated the effectiveness of these strategies in providing information dominance and striking capabilities. Kumar urged the Army to strengthe…

Researchers Discover GPT-4 Malware Capable of Ransomware Creation

Researchers have unveiled MalTerminal, the earliest known malware utilizing GPT-4 capabilities to generate ransomware or reverse shell commands. This discovery was made by SentinelOne’s research team and presented at LABScon 2025. MalTerminal’s design marks a significant evolution in cyber threats, with the ability to dynamically create malicious code, complicating defense measures. Additionally, a report by StrongestLayer highlights how threat actors are embedding prompts within phishing emails to bypass AI security measures, elevating the sophistication of social engineering attacks. These…

New Undetectable RAT Emerges as Alternative to ScreenConnect

A new Remote Access Trojan (RAT) is being marketed on underground forums as a fully undetectable alternative to legitimate software, notably ScreenConnect. This malware boasts advanced features that allow it to evade modern security systems, including bypassing Google Chrome and Windows SmartScreen warnings by utilizing a valid Extended Validation (EV) certificate. The RAT potentially enables attackers to gain real-time visual control of compromised systems, facilitating data theft and system manipulation. This development highlights an alarming trend in sophisticated cybercrime tools, emphasi…

Self-Propagating JavaScript Worm "Shai-Hulud" Infects Over 500 npm Packages in Major Supply Chain Attack

A self-propagating JavaScript worm named “Shai-Hulud” has compromised over 500 npm packages, highlighting a major vulnerability in software development environments. This worm infects packages by stealing developer credentials and cloud tokens through tools like TruffleHog, then injects malicious scripts into other packages managed by compromised maintainers. Once a package is infected, the worm automatically republishes trojanized versions with updated package files to propagate further. It also creates public GitHub repositories exposing stolen credentials and uploads malicious GitHub Action…

CISA Warns of Chinese Malware Tied to Ivanti Exploits and Risks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised alarms over sophisticated Chinese malware linked to exploits of Ivanti’s Endpoint Manager Mobile (EPMM) systems, identifying vulnerabilities CVE-2025-4427 and CVE-2025-4428 that allowed attackers to execute remote code and maintain persistent access. Although CISA refrained from formal attribution, researchers suspect state-sponsored Chinese actors behind these intrusions, highlighting the growing threat to mobile device management platforms crucial for enterprises. The incident underscores the urgent need for enhanced…

MHA directs housing ministry to strengthen cyber security in smart cities

In response to escalating cyber threats, the Union Ministry for Home Affairs (MHA) has directed the Ministry of Housing and Urban Affairs (MoHUA) to enhance cyber security measures within India’s smart cities. This initiative includes the appointment of dedicated Chief Information Security Officers (CISOs) for each smart city, who will oversee the protection of digital infrastructure, monitor cyber risks, and ensure compliance with national security protocols. The push for stronger cyber defenses underscores the increasing reliance on technology in governance and public services, highlighting…

DSCI and Siemens launch Cyber Security Lab to enhance India's infrastructure

The Data Security Council of India (DSCI) and Siemens Limited have inaugurated an Operational Technology (OT) Cyber Security Lab at the Nasscom campus in Noida, aimed at bolstering India’s critical infrastructure cybersecurity. This initiative will serve as an innovation platform for startups, providing access to technology and equipment necessary for developing and testing cybersecurity solutions in real-world scenarios. The lab will focus on skill development and training professionals across critical sectors, fostering collaboration among government, academia, and industry. With the digital…

South Korea vows major cyber reforms after KT and Lotte breaches

South Korea’s government has initiated a comprehensive response to recent cyberattacks affecting KT Corp and Lotte Card, which resulted in significant data breaches compromising sensitive personal information. The Ministry of Science and ICT and the Financial Services Commission have pledged a thorough investigation into the incidents, with plans for major regulatory reforms to enhance cybersecurity. Notably, approximately 2.97 million customers’ data from Lotte Card was exposed, raising concerns over potential financial fraud. This situation emphasizes the need for a robust cybersecurity fram…

US Charges British Teen for 120 Cyberattacks Linked to Scattered Spider

The U.S. Department of Justice has charged British teenager Thalha Jubair, 19, with involvement in over 120 cyberattacks, including breaches targeting the U.S. Courts system and extortion of numerous U.S. companies. Arrested alongside 18-year-old Owen Flowers, Jubair is linked to the Scattered Spider hacking group, known for utilizing social engineering tactics to compromise corporate networks, leading to significant ransom payments exceeding $115 million. Evidence suggests Jubair’s seized servers contained critical information from a New Jersey-based infrastructure company and a cryptocurre…

ChatGPT Fixes Vulnerability That Could Expose Gmail Data

Researchers at Radware have identified a serious zero-click vulnerability in OpenAI’s ChatGPT, specifically within its Deep Research agent, which could have allowed attackers to exfiltrate sensitive Gmail data without any user action. Dubbed “ShadowLeak,” this vulnerability enables hackers to craft emails with hidden HTML instructions that manipulate the AI agent into leaking personally identifiable information (PII) from a user’s inbox directly to an attacker-controlled server. The attack leverages the agent’s built-in capabilities to autonomously browse the web and interact with various applic…

Most Cybersecurity Alerts Occur After Business Hours: Study

A recent study by Arctic Wolf reveals that the majority of cybersecurity alerts occur outside regular business hours, highlighting a concerning shift in the threat landscape. Adversaries are increasingly employing sophisticated tactics, targeting vulnerabilities and exploiting timing to bypass traditional defenses, resulting in heightened alert fatigue among defenders. This trend necessitates a reevaluation of defense strategies, as organizations face unprecedented complexity in threats despite significant investments in cybersecurity. The findings underscore the importance of continuous vigil…

SonicWall Advises Password Changes After Minor Cloud Backup Breach

SonicWall has confirmed a security breach impacting its MySonicWall cloud platform, which exposed firewall configuration files for less than 5% of its customers. Following the detection of suspicious activity, the company highlighted that the breach was the result of brute-force attacks targeting backup files, which, although encrypted, contained sensitive information that could aid attackers in exploiting firewalls. SonicWall emphasized that this incident did not involve ransomware, but the attack raises concerns about systemic security vulnerabilities within the company’s infrastructure, as…

TA558 Employs AI Scripts to Launch Venom RAT Attacks on Hotels

In a recent wave of cyberattacks, the threat actor TA558 has deployed the Venom RAT malware targeting hotels in Brazil and Spanish-speaking regions, leveraging AI-generated scripts for phishing campaigns. Kaspersky’s analysis notes that these attacks employ sophisticated methods, including the use of JavaScript loaders and PowerShell downloaders to infiltrate systems, primarily aiming to capture sensitive credit card information from guests. The group, known as RevengeHotels, has refined its tactics since its inception, enhancing its malware with anti-detection features and persistence mechani…

Privacy Concerns Rise as Smart Glasses Make a Comeback in India

Smart glasses are making a comeback in India, with Reliance Jio and Amazon entering the market after Meta’s Ray-Ban smart glasses. These augmented reality devices raise significant concerns about privacy and surveillance, especially regarding potential misuse in the gig economy, where app-based tracking is already contentious. Experts highlight that India lacks robust legal frameworks compared to the US and Europe, calling for proactive regulatory measures to address the unique challenges posed by continuous monitoring technologies. While these AR glasses could enhance user experiences, the ab…

WPS Flaw Allows Quick PIN Recovery, Threatens Network Security

Researchers at NetRise have discovered that the long-standing Wi-Fi Protected Setup (WPS) vulnerability known as Pixie Dust remains prevalent in modern networking devices, allowing attackers to recover router PINs in as little as 12 seconds. Analyses revealed that 24 devices from six major vendors, some as recent as July 2025, are still vulnerable, with patches delayed by an average of nearly a decade. This ongoing issue highlights systemic weaknesses in firmware security management, urging manufacturers to enhance update protocols and default configurations. Experts emphasize that without tho…

India's Cybercrime Response: Strengthening Digital Resilience

India’s cybercrime landscape is alarming, with losses projected to reach ₹20,000 crore in 2025, a stark rise from ₹7,465 crore in 2023, as cyber fraud incidents surged. The Indian Cybercrime Coordination Centre (I4C) has initiated comprehensive measures, including the National Cybercrime Reporting Portal and a 24/7 helpline, achieving significant fraud prevention. However, challenges persist, including delayed reporting, jurisdictional complications, and inadequate technical expertise among law enforcement. To enhance cyber resilience, immediate reforms are recommended, such as simplifying…

WatchGuard Vulnerability Allows Code Execution by Unauthenticated Attackers

WatchGuard has issued an advisory regarding a critical vulnerability, CVE-2025-9242, in its Firebox network security appliances that could allow unauthenticated attackers to execute arbitrary code. Affecting various Fireware OS versions, the flaw is particularly concerning for organizations utilizing mobile and branch office VPN configurations. With a CVSS score of 9.3, the vulnerability poses a significant risk, and WatchGuard has rolled out firmware updates to mitigate the issue. Administrators are urged to upgrade to the latest versions and implement network hardening measures to minimize e…

India to use AI for real-time grid risk management and security

India is set to integrate artificial intelligence (AI) into its national electricity grid, enhancing real-time risk detection, fault prediction, and cyber security. This strategic shift aims to support the projected increase of renewable energy to over 500 GW by 2030, allowing for proactive measures against potential outages and market manipulation. AI will also be crucial in monitoring market behavior and detecting cyber threats, as the grid’s complexity rises. To ensure effective implementation, the government plans to develop a national AI assurance framework and upskill operators in data s…

Thales launches DCM5 encryption to counter quantum threats

Thales has unveiled its Datacryptor Model 5 (DCM5) at DSEI 2025, a sovereign cryptography system aimed at safeguarding sensitive data against quantum computing threats. This innovative device, compatible with previous models, features hardware-level customer-defined cryptography and meets strict certification standards like UK CAPS High Grade and US FIPS 140-3 Level 3. With cybersecurity experts acknowledging quantum computing as a significant future risk, DCM5 positions itself as a critical tool for governments and multinational coalitions. Thales’s proactive approach in developing DCM5 highl…

Shai-Hulud Attack Compromises 180+ NPM Packages, Steals Secrets

A recent supply chain attack, dubbed “Shai-Hulud,” has compromised over 180 NPM packages, utilizing self-replicating malware to steal secrets and publicize them on GitHub. The attackers accessed more than 40 developer accounts, publishing over 700 malicious package versions. This self-propagating worm targets Linux and macOS environments, skipping Windows, and amplifies its impact through package inter-dependencies. The incident highlights the vulnerability of the software supply chain, necessitating rigorous audits, strong authentication, and protective measures to safeguard against future th…

Microsoft seizes 338 domains tied to RaccoonO365 phishing scheme

Microsoft’s Digital Crimes Unit, in collaboration with Cloudflare, has seized 338 domains associated with the RaccoonO365 phishing-as-a-service operation, which has compromised over 5,000 Microsoft 365 credentials across 94 countries since July 2024. This service, led by Joshua Ogundipe from Nigeria, allows cybercriminals to conduct phishing attacks with minimal technical skills, posing a significant risk to users, particularly in healthcare. The operation highlights the urgent need for a united global effort against cybercrime, emphasizing the importance of enhanced legal frameworks and robus…

India mandates cybersecurity audits for cryptocurrency exchanges

The recent directive from the Indian government mandates that all cryptocurrency exchanges, custodians, and intermediaries undergo cybersecurity audits by auditors accredited by the Indian Computer Emergency Response Team (CERT-In). The measure is meant to enhance the security framework in the wake of increasing cybercrimes associated with virtual digital assets (VDAs), which now account for a significant portion of cybercrime in the country. This requirement aligns VDAs with the compliance standards of traditional financial institutions under the Prevention of Money Laundering Act, 2002, thereby reinforcing t…

JLR extends production halt following cybersecurity breach

Tata-owned Jaguar Land Rover (JLR) has extended its production halt until September 24 due to a cybersecurity incident involving a hacker group known as “Scattered Lapsus$ Hunters.” This disruption comes as JLR faces challenges, including declining profits linked to increased costs from US tariffs. The ongoing forensic investigation aims to assess the breach’s extent, with the company communicating its efforts to restart operations. JLR had previously engaged Tata Consultancy Services for cybersecurity support, highlighting the importance of digital resilience in today’s landscape, espec…