Category: Privacy/Governance Feed

OysterLoader malware evolves into 2026, refining C2 infrastructure, obfuscation & infection stages – Read More  –  

A high severity vulnerability in Google Chrome and allows remote attackers to execute code – Read More  –  

Chainalysis warns that online fraud is fuelling sophisticated human trafficking operations – Read More  –  

Dutch telco Odido has revealed a major data breach impacting over six million customers – Read More  –  

G7 countries ranked cyber-attacks as the top risk, while BICS members placed cyber threats only as the eighth most pressing risk – Read More  –  

Hundreds of thousands of users have downloaded malicious AI extensions masquerading as ChatGPT, Gemini, Grok and others, warn cybersecurity researchers at LayerX – Read More  –  

As the Digital Personal Data Protection Act moves into active enforcement, many organisations across India are reviewing one of… The post How to Rewrite Your Privacy Notice for DPDP Compliance appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Accenture Cybersecurity warns over difficult to detect, “sophisticated toolset” being deployed as part of extortion campaigns – Read More  –  

Google researchers found that government-backed hackers now use AI throughout the whole attack lifecycle – Read More  –  

New TrendAI report warns that most security tools can’t protect against attacks on AI skills artifacts – Read More  –  

Flashpoint warns of a dramatic drop in the average time between vulnerability disclosure and exploitation – Read More  –  

Digital Personal Data Protection (DPDP) Act has changed India’s focus of compliance to data collection to rights-based accountability. Companies are no… The post Data Principal Rights Under DPDP: How to Operationalize Requests in 15 Days appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Campaign combines stolen Telegram accounts, fake Zoom calls and ClickFix attacks to deploy infostealer malware – Read More  –  

A federal court has sentenced crypto-scammer Daren Li to 20 years in absentia – Read More  –  

This year should break all the records in terms of vulnerability disclosed, reaching or even surpassing 50,000 new CVEs disclosed – Read More  –  

Six actively exploited zero-day bug have been patched by Microsoft – Read More  –  

High-volume phishing campaign delivers Phorpiex malware via malicious Windows Shortcut files – Read More  –  

ZeroDayRAT is a new mobile spyware targeting Android and iOS, offering attackers persistent access – Read More  –  

Picus Security warns of the increasingly sophisticated ways malicious activity is staying hidden – Read More  –  

Operation Cyber Guardian was Singapore’s largest and longest running anti-cyber threat law enforcement operation – Read More  –  

NCSC call firms to ‘act now’ following disruptive malware attacks targeting Polish energy providers – Read More  –  

The European Commission and government agencies in Finland and the Netherlands have suffered potentially related breaches – Read More  –  

The Digital Personal Data Protection (DPDP) Act in India transforms the privacy compliance documentation of companies to user experience… The post Designing DPDP Compliant Consent and Notice Flows appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Security researchers from LayerX identified a new flaw in 50 Claude Desktop Extensions that could lead to unauthorized remote code execution – Read More  –  

VoidLink, a Linux-based C2 framework, facilitates credential theft, data exfiltration across clouds – Read More  –  

Two Connecticut men face federal charges for a $3m scheme targeting online gambling platforms – Read More  –  

Revolut claims social media sites make £3.8bn annually from scam ads targeting European users – Read More  –  

The services of Florida-based payments platform BridgePay are offline due to a ransomware attack – Read More  –  

SecurityScorecard has identified over 40,000 OpenClaw deployments exposed to potential attack – Read More  –  

CISA has issued a new directive requiring federal agencies to decommission all end of support edge devices within 12 months to reduce ongoing exploitation risks – Read More  –  

Substack did not specify the number of users affected by the data breach – Read More  –  

DKnife is a Chinese made malware framework that targets Chinese-based users – Read More  –  

Infosecurity Europe 2026 will debut a new Cyber Startup Programme, featuring a dedicated show-floor zone for early-stage cybersecurity companies to showcase innovations, connect with investors and highlight emerging technologies – Read More  –  

Cryptography has become the invisible infrastructure of the digital economy. Every payment, every identity, every medical record, and every… The post Industry-Aligned Cryptography by CryptoBind appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Cellebrite data confirms digital evidence is now central to almost all cases – Read More  –  

Flaws in GitHub Codespaces allow RCE via crafted repositories or pull requests – Read More  –  

Researchers at Check Point link ‘Amarath-Dragon’ attacks to prolific Chinese cyber-espionage operation – Read More  –  

Pindrop warns of 1210% increase in AI-powered fraud last year – Read More  –  

The Digital Personal Data Protection (DPDP) Act, 2023 in India has been a pivot in the privacy debate moving it… The post Are You a Data Fiduciary or a Significant Data Fiduciary? Here’s How to Classify Yourself  appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

SystemBC malware linked to 10,000 infected IPs, posing risks to sensitive government infrastructure – Read More  –  

ShadowSyndicate cluster expands with new SSH fingerprints connecting servers to other ransomware ops – Read More  –  

Cofense claims AI is making phishing emails more personalized and sophisticated – Read More  –  

Pillar Security discovered two new critical vulnerabilities in n8n that could lead to supply chain compromise, credential harvesting and complete takeover attacks – Read More  –  

CISA has added a critical CVE in SolarWinds Web Help Desk to its KEV Catalog – Read More  –  

40,000 WordPress sites are vulnerable to SQL injection in Quiz and Survey Master plugin – Read More  –  

A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project – Read More  –  

UK Data Protection Watchdog has “serious concerns” over data privacy on Elon Musk’s social platform – Read More  –  

DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon – Read More  –  

A new ransomware-as-a-service operation dubbed “Vect” features custom malware – Read More  –  

Elon Musk and X’s former CEO were summoned for voluntary interviews in Paris on April 20, 2026 – Read More  –