Russian hackers have conducted a sustained cyber campaign targeting Poland’s critical infrastructure, including hospitals and the water supply systems of one of its ten largest cities. Between 20 and 50 daily cyberattacks have been reported, with some breaches leading to temporary hospital closures and theft of sensitive medical data, as well as attempts to disrupt urban water flows that were narrowly averted. These attacks form part of a hybrid warfare strategy coinciding with drone incursions into Polish airspace in early September 2025, heightening national security concerns. In response, P…
Read More

The Australian government has raised significant national security concerns regarding Chinese-made electric vehicles (EVs), which could potentially be exploited for surveillance or sabotage. Lieutenant General Susan Coyle, Australia’s top cyber warfare official, has warned that such vehicles, equipped with internet connectivity and advanced technology, pose risks including data collection, audio eavesdropping, and remote disabling. Home Affairs Minister Tony Burke reportedly took precautions after warnings about his own Chinese EV’s security vulnerabilities. The US has already banned Chinese…
Read More

A recent supply chain attack has compromised over 40 npm packages, employing a method to inject malicious scripts that steal developer credentials. The attackers utilize a legitimate secret scanning tool, TruffleHog, to access sensitive information, subsequently exfiltrating it to external servers. Additionally, a phishing campaign targeting crates.io users has emerged, with deceptive emails urging recipients to rotate login information, falsely claiming a compromise of the platform’s infrastructure. This series of incidents highlights the escalating threats in software supply chains, necessit…
Read More

SRM University has achieved a significant milestone by emerging as the top performer in the UST’s GenCyS 2025 Cybersecurity Challenge, showcasing the institution’s commitment to advancing skills in cybersecurity. This success highlights the growing importance of cybersecurity education in India, especially as it relates to national security and defense capabilities. With increasing cyber threats, such initiatives are crucial for fostering a skilled workforce that can protect India’s digital infrastructure. This accomplishment not only enhances the university’s reputation but also contributes…
Read More

Google confirmed a significant cyber breach after hackers created a fraudulent account within its Law Enforcement Request System (LERS), a secure platform used globally by verified law enforcement agencies to submit official data requests. The incident, reported in mid-September 2025, was linked to the hacker group “Scattered Lapsus$ Hunters,” known for major data breaches this year. Although Google stated that no data was accessed and no requests were made via the fake account, the breach exposed critical vulnerabilities in Google’s account approval process. LERS handles sensitive requests li…
Read More

Google DeepMind CEO Demis Hassabis warns against a “move fast and break things” approach in AI, emphasizing the need for responsible development to avoid the pitfalls experienced by social media. He highlights that while AI can enhance productivity, it also risks amplifying issues like addiction and mental health crises if not governed properly. A recent MIT report indicated that 95% of generative AI projects are failing, raising concerns about the sustainability of the AI hype. Hassabis calls for international collaboration and scientific rigor in AI deployment, stressing the importance of pr…
Read More

A North Korean hacking group, Kimsuky, has reportedly exploited ChatGPT to generate a deepfake South Korean military ID card, enhancing the credibility of phishing attempts linked to malware. Cybersecurity researchers from Genians found that while ChatGPT initially blocked requests for government ID generation, prompt adjustments allowed bypassing this restriction. This trend illustrates the increasing reliance of attackers on AI for various tasks, including identity creation and attack planning. The U.S. has previously accused North Korea of engaging in cyber operations to support its intelli…
Read More

Quick Heal Technologies Limited has highlighted a worrying rise in AI-powered chatbot scams in India, where criminals leverage sophisticated language models to execute automated fraud on a massive scale. These scams, which adapt in real-time to deceive victims, mimic trusted entities and exploit personal data from breaches, making detection increasingly difficult. Key warning signs include requests for sensitive information and unusual grammar in communications. To combat these threats, Quick Heal has introduced Antifraud.AI, an advanced solution that offers multi-layered protection against ev…
Read More

Apple has released a crucial security update for iOS 26 and iPadOS 26, addressing 27 vulnerabilities across critical system components, including WebKit and the Apple Neural Engine. The update enhances user privacy by preventing unauthorized data access and improving security measures in various applications, such as Safari and Notes. This comprehensive patch aims to mitigate risks associated with potential exploitation through malicious content, emphasizing Apple’s commitment to user safety. Users are strongly encouraged to install the update immediately, reflecting the importance of timely s…
Read More

A senior Chinese security official, Minister Chen Yixin, has accused certain countries of suppressing China’s cyber technology industry and engaging in cyber hegemony, warning that such actions pose a significant risk to China’s cybersecurity. He emphasized the need to bolster national cybersecurity protections amidst global geopolitical conflicts and the rise of cyberterrorism. Chen criticized the portrayal of China as a cyber threat and called for enhanced measures against cyberattacks, asserting that cybersecurity is a global challenge requiring cooperation. This perspective underscores the…
Read More

A North Korean hacking group, Kimsuky, has utilized AI-generated deepfake images to conduct a cyberattack on South Korean defense-related institutions, attempting a spear-phishing scheme to target military organizations. Their tactics included sending emails with malicious attachments disguised as official ID issuance correspondence, showcasing a troubling trend in the misuse of AI technologies for cyber threats. This incident underscores the evolving landscape of cyber warfare, emphasizing the importance for nations, including India, to enhance their cybersecurity measures and remain vigilant…
Read More

The global shipping industry is experiencing a sharp rise in cyber attacks, driven by both organized criminal gangs and hostile nation-states, notably Russia, China, North Korea, and Iran. Reported cyber incidents in shipping surged from 10 in 2021 to at least 64 in 2022, with costs for responding to attacks doubling to an average of $550,000 between 2022 and 2023, and ransom demands reaching up to $3.2 million. These attacks exploit the sector’s increasing digital connectivity, including advancements like satellite internet (Starlink) and onboard sensors, alongside vulnerabilities from outdat…
Read More

Samsung has issued a security update to patch a critical zero-day vulnerability (CVE-2025-21043) affecting Android devices, which has been exploited to execute arbitrary code by remote attackers. The flaw exists in the libimagecodec.quram.so library, crucial for image processing on Samsung devices. Notably, the vulnerability may have been used in targeted attacks against WhatsApp users, drawing parallels to a recent iOS vulnerability. As government spyware remains a significant threat to civil society, including journalists and human rights defenders, the incident underscores the urgent need f…
Read More

A significant data breach has exposed over 500 GB of sensitive documents from China’s Great Firewall, revealing the inner workings of its internet censorship system. This leak, considered the largest of its kind, provides insights into China’s digital surveillance mechanisms and highlights the export of its censorship technology under the Belt and Road Initiative to various countries. The breach raises concerns about the global proliferation of authoritarian surveillance capabilities and may impact China’s diplomatic relations, especially if human rights abuses are linked to its technology. Th…
Read More

Bitdefender has revealed a sophisticated malware framework, EggStreme, linked to Chinese APT cybercriminals targeting a Philippine military company amidst heightened tensions in the South China Sea. The malware employs a fileless, multi-stage approach, allowing for persistent access, extensive surveillance, and data exfiltration while evading detection through techniques like DLL sideloading. The attackers exploit legitimate Windows services to establish stealthy persistence and utilize a complex command-and-control infrastructure. This incident underscores the need for enhanced cybersecurity…
Read More

The Kerala police will host the annual cyber security conference c0c0n in Kochi on October 10-11, focusing on innovations in cyber security, challenges from AI technology proliferation, and organized cyber crimes. Pre-conference training programs from October 7-9 will prepare participants, while domain experts from organizations like Interpol will lead a training camp on child victim identification. A digital tool to combat Child Sexual Abuse Materials (CSAM) will be introduced, alongside a month-long hackathon involving top technical institutions. This initiative underscores Kerala’s commitme…
Read More

Ukraine is considering limiting mobile service quality during Russian drone attacks to prevent the use of networks for coordinating strikes. Chief of the General Staff Andriy Hnatov explained that reducing 4G and 5G capabilities would hinder the operations of drones that rely on high-speed internet for transmitting images. This strategy comes as Russia intensifies its drone assaults, employing advanced technology to target strategic sites. Ukraine’s approach mirrors Russia’s past tactics of shutting down mobile services to disrupt drone operations, highlighting the ongoing technological warf…
Read More

The International Centre for Automotive Technology (ICAT) is developing a cybersecurity certification process for vehicles to combat increasing threats from cyber hackers who can remotely control cars. With modern vehicles equipped with M2M SIM cards, hackers could manipulate critical functions, posing serious safety risks. Experts highlight the potential for sophisticated attacks, such as spoofing and GAN attacks, which could mislead AI systems into dangerous situations. This evolving cybersecurity landscape necessitates that automotive safety measures evolve to include cybersecurity protecti…
Read More

India has mandated Standardisation Testing and Quality Certification (STQC) for CCTV cameras to enhance cybersecurity and prevent data leaks, primarily addressing vulnerabilities posed by imported modules, particularly from China. This requirement ensures that all CCTV systems undergo rigorous checks of their hardware and software before licensing, with a focus on safeguarding sensitive footage that can be accessed remotely. The move aims to bolster domestic production, as currently over 80% of components are sourced from abroad, and only a few local firms meet the new standards. By enforcing…
Read More

The FBI has issued a warning about two cybercriminal groups, UNC6040 and UNC6395, targeting Salesforce platforms for data theft and extortion. UNC6395 exploited compromised OAuth tokens from a breached GitHub account, while UNC6040 employed vishing campaigns to hijack Salesforce instances. Both groups are tied to extensive data exfiltration and extortion efforts, with indications of an evolving collaboration among various cybercriminal factions. Despite recent claims of shutting down operations, experts caution that such groups often re-emerge under new identities, highlighting the need for or…
Read More

U.S. Senator Ron Wyden has called for an FTC investigation into Microsoft, citing serious cybersecurity negligence linked to ransomware attacks, particularly following a breach at Ascension Healthcare. Wyden’s concerns stem from a contractor’s inadvertent click on a malicious link leading to vulnerabilities in Microsoft’s software, specifically outdated encryption standards like RC4. He argues that Microsoft’s monopolization of operating systems exacerbates national security risks, as the company has not yet issued necessary updates or warnings about these vulnerabilities. While Microsoft ackn…
Read More

India’s energy sector is facing an escalating cybersecurity threat landscape, with digital vulnerabilities posing the top risk amid rapid digitalisation and interconnected systems. The sector’s growing reliance on technologies like smart grids, IoT devices, and AI-powered tools expands the attack surface, exposing critical infrastructure to sophisticated cyberattacks, including those from state-sponsored actors. In 2025, incidents such as the cyberattack on Central Coalfields Limited, a Coal India subsidiary targeted on May 7, signaled a strategic shift towards hitting upstream fuel supply…
Read More

The International Organisation of Supreme Audit Institutions (INTOSAI) adopted a 2026-28 Work Plan emphasizing cybersecurity and remote audits using IoT technologies during its recent meeting in Hyderabad, hosted by India’s Comptroller and Auditor General. The event featured global participation and highlighted India’s initiatives, including a Large Language Model for audit reports and an AI/ML certification program. Key discussions revolved around leveraging technology to enhance public auditing and governance. This engagement underscores India’s leadership in global audit practices and the i…
Read More

Vietnam’s National Credit Information Center has reported a cyber attack, with initial assessments indicating a potential personal data breach. The Vietnam Cyber Emergency Response Center (VNCERT), alongside various cybersecurity firms and the Ministry of Public Security, has initiated measures to address the incident and secure the network. VNCERT has urged organizations, particularly banks, to comply with national cybersecurity standards and cautioned the public against using any leaked data. This incident highlights the increasing vulnerability of financial institutions to cyber threats, un…
Read More

Huawei’s network security firewalls have been ranked No. 1 in China’s market share for the first half of 2025, demonstrating significant advancements in cybersecurity technology. The firewalls feature AI-powered threat detection, enhancing operational efficiency and resource allocation through an Adaptive Security Engine. With a peak throughput of 4 Tbps, they are designed for high-bandwidth needs, while their multi-level reliability ensures uninterrupted business operations. Huawei’s continued investment in innovation highlights its commitment to building comprehensive zero-trust security n…
Read More