Category: Privacy/Governance Feed

Amazon researchers believe this campaign is part of a bigger operation spearheaded by Russia’s military intelligence service, the GRU – Read More  –  

US financial services firm Credit700 has revealed a major data breach impacting 5.8 million people – Read More  –  

Check Point has detected thousands of phishing emails in the past fortnight, offering fake promotions and special deals – Read More  –  

As India moves into the first full year of DPDP Act enforcement, many organisations are realising that compliance is… The post Top 7 DPDP Compliance Challenges for Indian Companies in 2026 appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

A new phishing campaign has been identified, delivering the Phantom information-stealing malware via an ISO attachment – Read More  –  

MITRE has released its Top 25 CWE list for 2025, compiled from software and hardware flaws behind almost 40,000 CVEs – Read More  –  

Asahi Group’s CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company – Read More  –  

The UK’s National Cyber Security Centre has called on businesses to apply Cyber Essentials to suppliers – Read More  –  

A fundamental change is in progress across the GCC: data privacy is to no longer be a box that… The post Data Privacy vs Compliance: Why Zero Trust Is the Future for GCC Companies appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

The National Cyber Security Centre has released new learnings from a cyber deception pilot – Read More  –  

The UK’s data protection regulator has fined password manager provider LastPass £1.2m after 2022 data breach – Read More  –  

The Coupang South Korean unit’s response will be spearheaded by an executive based in the US – Read More  –  

OpenAI has reported a surge in performance as GPT-5.1-Codex-Max reaching 76% in capability assessments, and warned of upcoming cyber-risks – Read More  –  

A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in dependency folders – Read More  –  

New ITRC research finds 81% of US small businesses suffered a data or security breach in the past year – Read More  –  

Google has released a Chrome security update to fix three zero-day vulnerabilities, including a high-severity flaw with an active exploit – Read More  –  

Experts say a new Firm Checker tool from the FCA won’t move the dial on fraud but is a step in the right direction – Read More  –  

Cisco Talos has detected new tactics from a financially motivated actor using DeadLock ransomware – Read More  –  

A new malware campaign has been identified using a Python-based delivery system to deploy CastleLoader malware – Read More  –  

Pro-Russia hacktivist groups have been observed exploiting exposed virtual network computing connections to breach OT systems – Read More  –  

The flaw, dubbed ‘GeminiJack,’ exploits the trust boundary between user-controlled content in data sources and the AI model’s instruction processing – Read More  –  

Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug – Read More  –  

December’s Patch Tuesday sees the release of patches for over 50 CVEs including three zero-days – Read More  –  

Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean hackers’ involvement – Read More  –  

Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data – Read More  –  

The UK’s National Cyber Security Centre has warned of the dangers of comparing prompt injection to SQL injection – Read More  –  

Gartner has called for organizations to block today’s AI browsers on security concerns – Read More  –  

A data breach at Marquis Software Solutions due to a firewall flaw has affected over 780,000 people across the US – Read More  –  

A new version of ClayRat Android spyware features enhanced surveillance and device-control features – Read More  –  

Security researchers will now be protected from prosecution in Portugal as long as they meet certain conditions – Read More  –  

React2Shell (CVE-2025-55182) is under active exploitation by Earth Lamia and Jackpot Panda, risking over two million instances worldwide – Read More  –  

A Home Office report has revealed racial bias in facial recognition technology used by police – Read More  –  

Barts Health NHS Trust has revealed itself to be the latest victim of Cl0p’s Oracle EBS campaign – Read More  –  

A critical RCE flaw in React.js, dubbed React2Shell (CVE-2025-55182), has been disclosed with a maximum CVSS score of 10.0, posing severe risks for server-side implementations – Read More  –  

CrowdStrike warned that Warp Panda, a China-linked cyber-espionage group, is targeting US organizations to steal sensitive data and support Beijing’s strategic interests – Read More  –  

The French museum is planning to revamp its safety and security systems following a high-profile burglary in October – Read More  –  

Data leaks have shed a new light on Intellexa’s flagship spyware infrastructure and attack vectors – Read More  –  

Cybersecurity agencies have issued guidance for securely integrating AI into OT systems – Read More  –  

UK’s NCSC and Canada’s CCCS release a joint report on content provenance, urging organizations to strengthen digital trust and combat AI-driven misinformation – Read More  –  

The GhostFrame phishing framework, using stealthy iframes, was linked to over 1 million attacks – Read More  –  

ISC2 report reveals 59% of global organizations have critical or significant skills shortages – Read More  –  

The Information Commissioner’s Office has chosen only to reprimand the Post Office after a 2024 breach – Read More  –  

A fresh wave of spear-phishing linked to the Russia-based Star Blizzard group has been detected by Sekoia – Read More  –  

A critical vulnerability in Yearn Finance’s yETH pool allowed an attacker to steal around $9m – Read More  –  

A new cyber defense service has prevented almost one billion early-stage cyber-attacks in the past year, British Security Minister claims – Read More  –  

The UK government’s proposed ransomware payment ban for public sector and critical infrastructure will come with national security exemptions – Read More  –  

A new WEF report reveals that AI-powered threats like disinformation are among executives’ biggest concerns – Read More  –  

The Pall Mall Process begins outreach to define guidelines for private commercial intrusion industry – Read More  –  

Trends toward a digital-first enterprise have already entered watershed data privacy and security in 2026. New regulation, technology and… The post Looking Ahead: 2026 Privacy & Security Trends appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd