Category: Privacy/Governance Feed

Sophisticated Python malware uncovered in fraud probe shows obfuscation, disposable infrastructure – Read More  –  

Supply chain worm mimicking Shai-Hulud malware spread via malicious npm packages, targeting AI tools has been identified by security researchers – Read More  –  

A low-skilled Russian-speaking attacker has used GenAI tools to help deploy a successful attack workflow targeting FortiGate instances – Read More  –  

Advantest, a Japanese specialist in testing computer chips for major semiconductor manufacturers, has deployed incident response protocols following a cybersecurity incident – Read More  –  

A new FBI Flash alert claims $20m was lost to ATM jackpotting attacks in 2025 alone – Read More  –  

University of Mississippi Medical Center is still scrambling to respond to a ransomware attack last Thursday – Read More  –  

DDoS attack frequency has risen to ‘alarming levels,’ warns Radware report – Read More  –  

A new Android malware implant using Google Gemini to perform persistence tasks was discovered on VirusTotal and analyzed by ESET – Read More  –  

New Remcos RAT variant enhances real-time surveillance and evasion techniques to compromise Windows – Read More  –  

Fraud campaign exploiting Indonesia’s Coretax resulted in $1.5m to $2m in losses via malicious apps – Read More  –  

Forescout paper reveals ICS advisories hit a record 508 in 2025 – Read More  –  

A new cybercriminal toolkit uses proxies to mimic popular online services and represents a “significant escalation in phishing infrastructure,” warn researchers at Abnormal – Read More  –  

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain unpatched – Read More  –  

Endor Labs has published details of six new vulnerabilities in popular AI assistant OpenClaw – Read More  –  

Since the Digital Personal Data Protection (DPDP) regime in India is already shifting towards enforcement and not interpretation, organizations are coming… The post Choosing and Implementing a DPDP Tech Stack: Consent, Logs, and Governance appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Cryptojacking campaign used pirated software to deploy a persistent XMRig miner with stealth tactics – Read More  –  

AIs like Grok and Microsoft Copilot can be exploited as covert C2 channels for malware communication – Read More  –  

Searchlight Cyber reports a 30% annual increase in ransomware victim numbers in 2025 – Read More  –  

Mandiant reveals campaign featuring exploit of a CVSS 10.0 CVE in Dell RecoverPoint for Virtual Machines – Read More  –  

Android 17 Beta introduces privacy, security updates and a new Canary channel for improved development – Read More  –  

iOS 26.4 Beta adds end-to-end encryption for RCS messaging and enhanced Memory Integrity Enforcement – Read More  –  

Teleport study reveals that organizations running over-privileged AI have a 76% incident rate – Read More  –  

Unit 42 researchers observed a low-skilled threat actor using an LLM to script a professional extortion strategy, complete with deadlines and pressure tactics – Read More  –  

Dragos annual report warns of a surge in ransomware attacks causing increased operational disruption in industrial environments – Read More  –  

Hudson Rock has warned OpenClaw users that infostealers are targeting their configuration files – Read More  –  

The Digital Personal Data Protection (DPDP) Act is a transformative change in the data protection environment in India, the… The post How to build a DPDP-aligned incident and breach response playbook appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

NCSC’s Richard Horne has warned that cybercriminals do not care about business size and called for SMEs to act now to secure their organizations – Read More  –  

Security researchers have challenged end-to-end encryption claims from popular commercial password managers – Read More  –  

New phishing campaign dubbed Operation DoppelBrand targeted major financial firms like Wells Fargo – Read More  –  

OysterLoader malware evolves into 2026, refining C2 infrastructure, obfuscation & infection stages – Read More  –  

A high severity vulnerability in Google Chrome and allows remote attackers to execute code – Read More  –  

Chainalysis warns that online fraud is fuelling sophisticated human trafficking operations – Read More  –  

Dutch telco Odido has revealed a major data breach impacting over six million customers – Read More  –  

G7 countries ranked cyber-attacks as the top risk, while BICS members placed cyber threats only as the eighth most pressing risk – Read More  –  

Hundreds of thousands of users have downloaded malicious AI extensions masquerading as ChatGPT, Gemini, Grok and others, warn cybersecurity researchers at LayerX – Read More  –  

As the Digital Personal Data Protection Act moves into active enforcement, many organisations across India are reviewing one of… The post How to Rewrite Your Privacy Notice for DPDP Compliance appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Accenture Cybersecurity warns over difficult to detect, “sophisticated toolset” being deployed as part of extortion campaigns – Read More  –  

Google researchers found that government-backed hackers now use AI throughout the whole attack lifecycle – Read More  –  

New TrendAI report warns that most security tools can’t protect against attacks on AI skills artifacts – Read More  –  

Flashpoint warns of a dramatic drop in the average time between vulnerability disclosure and exploitation – Read More  –  

Digital Personal Data Protection (DPDP) Act has changed India’s focus of compliance to data collection to rights-based accountability. Companies are no… The post Data Principal Rights Under DPDP: How to Operationalize Requests in 15 Days appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Campaign combines stolen Telegram accounts, fake Zoom calls and ClickFix attacks to deploy infostealer malware – Read More  –  

A federal court has sentenced crypto-scammer Daren Li to 20 years in absentia – Read More  –  

This year should break all the records in terms of vulnerability disclosed, reaching or even surpassing 50,000 new CVEs disclosed – Read More  –  

Six actively exploited zero-day bug have been patched by Microsoft – Read More  –  

High-volume phishing campaign delivers Phorpiex malware via malicious Windows Shortcut files – Read More  –  

ZeroDayRAT is a new mobile spyware targeting Android and iOS, offering attackers persistent access – Read More  –  

Picus Security warns of the increasingly sophisticated ways malicious activity is staying hidden – Read More  –  

Operation Cyber Guardian was Singapore’s largest and longest running anti-cyber threat law enforcement operation – Read More  –  

NCSC call firms to ‘act now’ following disruptive malware attacks targeting Polish energy providers – Read More  –