The Indian Navy is set to host a seminar on the “Impact of Cyber Attacks on the Maritime Sector and Its Effects on National Security and International Relations” on October 16, 2025, at the Sushma Swaraj Bhawan in New Delhi. The event, featuring keynote remarks by Minister of State Shri Jitin Prasada, aims to enhance collaboration among stakeholders to bolster cybersecurity in the maritime domain. Panel discussions will cover global cyber threats, civil-military partnerships, and …

Google has issued a critical security update for its Chrome browser following the discovery of a severe use-after-free vulnerability, tracked as CVE-2025-11756, which could enable cybercriminals to execute arbitrary code on users’ systems. This flaw, affecting the Safe Browsing component of Chrome, poses significant risks, particularly for desktop users in India, where the browser is widely utilized. The Indian Computer Emergency Response Team (CERT-IN) has cautioned users that attackers could exploit this vulnerability by sending …

Microsoft has addressed 183 security flaws in its products, including three zero-day vulnerabilities under active exploitation. Notably, CVE-2025-24990 and CVE-2025-59230, both affecting the Windows Agere Modem Driver and Windows Remote Access Connection Manager respectively, could allow attackers to execute code with elevated privileges. Additionally, a Secure Boot bypass vulnerability in IGEL OS poses significant risks, particularly for traveling employees. These vulnerabilities have been added to the U.S. Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities …

SAP released a critical security update in October 2025 addressing a severe vulnerability in its NetWeaver software that allows attackers to take control of affected systems without needing a password. This flaw, present in the NetWeaver AS Java server, lets hackers send harmful commands through an open port, risking full system compromise. In India, where SAP NetWeaver is widely used by large enterprises and government sectors, this poses a significant risk to business operations. SAP …

The Chinese state-sponsored hacking group Flax Typhoon exploited vulnerabilities in the widely used ArcGIS geospatial mapping software to maintain covert access for over a year. By compromising a public-facing ArcGIS server and deploying a malicious server object extension, Flax Typhoon turned trusted software features into a persistent backdoor that survived system recoveries through embedded backups. This allowed them to execute commands stealthily, establish covert VPN channels, and conduct lateral movement within networks. In India, ArcGIS …

Cybersecurity researchers disclosed two critical vulnerabilities, CVE-2023-40151 and CVE-2023-42770, in Red Lion Sixnet RTUs, both rated 10.0 on the CVSS scale. These flaws enable unauthenticated attackers to bypass authentication and execute root-level commands, affecting SixTRAK and VersaTRAK series devices. Exploiting TCP and UDP communication protocol weaknesses, attackers gain full control over these industrial control units extensively used in energy, water, wastewater, transportation, and utilities sectors. Red Lion, a key industrial automation hardware provider in India’s …

A new Android malware campaign, identified as GhostBat RAT, targets Indian users by masquerading as fake Regional Transport Office (RTO) applications to steal banking data and personal information. Utilizing deceptive methods such as phishing pages that imitate the legitimate mParivahan app, the malware employs sophisticated multistage dropper techniques, including ZIP header manipulation and extensive string obfuscation, to evade detection. Victims are tricked into providing sensitive information, including their UPI PINs, through counterfeit interfaces. This alarming …

U.S. cybersecurity company F5 has revealed that nation-state hackers breached its systems, stealing undisclosed security vulnerabilities and source code related to its flagship BIG-IP product. The breach, which F5 discovered on August 9, 2025, allowed attackers long-term access to critical systems, although the company asserts there is no evidence that the stolen information has been exploited in attacks. While the U.S. government requested a delay in public disclosure to protect critical systems, F5 maintains that …

A newly disclosed vulnerability in FortiOS, tracked as CWE-684, allows local authenticated attackers to execute arbitrary system commands via malicious CLI inputs across multiple versions, including 6.4 to 7.6. This flaw raises significant security risks for organizations, enabling potential privilege escalation, unauthorized modifications, and persistent malware installation. Fortinet has advised immediate upgrades to patched versions to mitigate the threat and protect enterprise environments. Given FortiOS’s widespread use, the vulnerability underscores a critical need for robust …

In 2025, hacktivist networks have increasingly utilized Telegram as their primary platform for organizing cyberattacks and disseminating propaganda, marking a shift from covert operations to more visible campaigns aimed at broad influence. An analysis of over 11,000 posts from over 120 groups indicates that Distributed Denial of Service (DDoS) attacks dominate their activities, with 61% of reported incidents being DDoS-related. The use of hashtags has emerged as a key communication strategy, reflecting evolving alliances and …

Taiwan has reported a significant surge in cyberattacks, attributed largely to China, reaching an alarming average of 2.8 million daily attacks in 2023, a 17% increase from the previous year. The National Security Bureau revealed that critical sectors such as medical systems, defense, telecommunications, and energy have been primary targets of these systemic cyber operations, which aim to undermine public trust in government defenses. In a reciprocal claim, China has accused Taiwan of conducting its …

The Vellore Institute of Technology (VIT), Chennai, in collaboration with Australia’s Deakin University, has launched a dual-degree program in Cyber Security, allowing Indian students to obtain a B. Tech in Computer Science and Engineering (Cyber Security) from VIT and a Bachelor of Cyber Security (Honours) from Deakin. This initiative reflects a commitment to enhancing educational pathways in emerging technology, providing students with a comprehensive foundation in network security and digital forensics. The partnership aims to …

India’s adoption of secure enterprise browsers is accelerating, with Chrome Enterprise Premium leading the market due to its advanced security features and management capabilities. As of September 2025, Chrome commands a substantial 87.39% share across India, with desktop usage at 84.13%. Industry experts highlight that Chrome’s widespread acceptance stems from its compatibility with cloud-based platforms, essential for sectors like defense and industry aiming to shift from standalone applications to web-based solutions. However, competitors are gaining …