Category: Privacy/Governance Feed

Researchers uncover a new data theft and extortion group dubbed “BlackFile” – Read More  –  

The “fast16” malware may have been used to target Iran’s nuclear program prior to Stuxnet – Read More  –  

UK government Minister confirms that breached health records of UK Biobank volunteers were up for sale on Chinese ecommerce platforms before being removed – Read More  –  

AI tools are not just creating new vulnerabilities, they are reviving old security failures, warned Jurgen Kutscher, VP of Mandiant Consulting – Read More  –  

Malicious npm packages spread via worm-like propagation and steal developer credentials – Read More  –  

Google Cloud’s COO advocated for combining general-purpose frontier large language models with task-specific AI agents – Read More  –  

Apple patches iOS flaw that retained deleted notifications, exposing message data – Read More  –  

Google Cloud will attribute a unique cryptographic ID every AI agent that will be tied to “traceable and auditable” authorization policies – Read More  –  

Forcepoint has found 10 new indirect prompt injection attacks targeting AI agents – Read More  –  

Quorum Cyber report finds higher and further education institutions experienced 63% increase in attacks over a year – Read More  –  

The UK’s NCSC has fully backed passkeys as consumers’ first choice for login, citing progress with FIDO and successful use across the NHS – Read More  –  

macOS LOTL techniques bypass detection using native tools and metadata abuse – Read More  –  

The UK’s cybersecurity agency said the devices will be available for purchase by organizations around the world – Read More  –  

UK unveils £90m cybersecurity funding at CYBERUK to boost SME resilience, promote Cyber Essentials and a new Cyber Resilience Pledge, sparking industry debate – Read More  –  

Null subject phishing campaigns bypass filters and target VIPs with QR code and RMM abuse – Read More  –  

A former ransomware negotiator has pleaded guilty to abusing his position by working with noted cybercrime group BlackCat – Read More  –  

Infrawatch says ProxySmart platform enables SIM farm activity at “industrial scale” – Read More  –  

The convergence of global tensions and rapid technological change is driving a new era of cyber risk, the NCSC warns – Read More  –  

NGate malware abuses HandyPay app to steal NFC card data and PINs in Brazil – Read More  –  

Russian crypto-exchange Grinex claims Western intelligence agencies were behind a $13m heist – Read More  –  

Gentlemen RaaS expands quickly with multi-platform attacks and SystemBC-linked infections – Read More  –  

Data exposure, operational disruption and financial losses among issues faced by businesses struggling with the rapid rise of AI agents, warns Cloud Security Alliance report – Read More  –  

North Korea’s Lazarus Group is pegged for a $290m crypto theft at KelpDAO – Read More  –  

Cloud app developer Vercel appears to have suffered a security breach – Read More  –  

The financing sector is on the verge of a turning point. With the development of quantum computing beyond theoretical… The post Quantum-Ready Banking Starts with CryptoBind: HSM + Vault + KMS Strategy appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

ZionSiphon malware targets OT water systems with sabotage and ICS scanning capabilities – Read More  –  

Formbook attacks use combination of DLL Side-Loading and Obfuscated JavaScript to stay hidden, researchers at WatchGuard have uncovered – Read More  –  

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices – Read More  –  

The National Cyber Security Centre has shared an update of its resilience-building efforts for the NHS – Read More  –  

Coordinated action by FBI, Europol and others seizes infrastructure, makes arrests – and sends warning letters to known DDoS service users – Read More  –  

AI models are making rapid gains in vulnerability research and exploit development, raising new cybersecurity risks, a Forescout study finds – Read More  –  

APK malformation tactic now appears in over 3000 Android malware samples evading static analysis – Read More  –  

US authorities jail two Americans for aiding North Korean laptop farm scams that infiltrated over 100 firms – Read More  –  

Tennessee’s CRMC notifies over 337,000 patients of Rhysida ransomware breach exposing sensitive data – Read More  –  

NIST’s National Vulnerability Database will now prioritize enriching new and exploited flaws to address the record growth of reported CVEs – Read More  –  

Ox Security claims as many as 200,000 servers are exposed by newly discovered MCP vulnerability – Read More  –  

Halcyon says ransomware now accounts for more than two-fifths of cyber-attacks targeting carmakers – Read More  –  

Triad Nexus scales $200m scams, uses infrastructure laundering, localized fraud and US-access blocks – Read More  –  

OpenAI’s new frontier model focused on cybersecurity comes following Anthropic’s launch of Claude Mythos Preview and Project Glasswing – Read More  –  

108 malicious Chrome extensions steal sessions, Google data, inject ads via single C2 infrastructure – Read More  –  

Huntress uncovers adware deploying AV-killing payloads via signed updates across 23,000 endpoints – Read More  –  

The EU cybersecurity agency looks to become the third Top-Level Root CVE Numbering Authority, alongside CISA and MITRE – Read More  –  

Critical nginx-ui MCP authentication bypass CVE-2026-33032 actively exploited with CVSS 9.8 – Read More  –  

Barracuda says 88% of brute-force attempts in Q1 were from the region – Read More  –  

At VulnCon, Lindsey Cerkovnik, head of vulnerability management at CISA, said AI companies should play a bigger role in vulnerability disclosures in the future – Read More  –  

The PCI DSS 4.0 embodies a paradigm shift on payment data security- that of compliance checklists to on-going, risk-based… The post PCI DSS 4.0 roadmap for DPOs using vault appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

A new IANS report claims just 34% of cybersecurity professionals plan to stay put in the next 12 months – Read More  –  

The AISI has issued its judgement on Anthropic’s Mythos Preview model – Read More  –