Category: Privacy/Governance Feed

The threat actors initially attempted to compromise projects associated with the Coinbase cryptocurrency exchange, said Palo Alto Networks – Read More  –  

Mandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead to remote code execution – Read More  –  

An international law enforcement operation has shut down Kidflix, a platform for child sexual exploitation with 1.8m registered users – Read More  –  

A critical authentication bypass flaw in CrushFTP is under active exploitation following a mishandled disclosure process – Read More  –  

Artificial Intelligence (AI) is reshaping the cybersecurity landscape, enabling organizations to detect threats faster, automate responses, and enhance overall… The post AI Governance in Cybersecurity: Balancing Innovation and Risk appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

The cybercriminal uses the service of Proton66, an infamous Russian-based bulletproof hosting provider, to deploy malware – Read More  –  

Highline Public Schools revealed that sensitive personal, financial and medical data was accessed by ransomware attackers during the September 2024 incident – Read More  –  

Semperis claims 62% of water and electricity providers were hit by cyber-attacks in the past year – Read More  –  

BforeAI researchers discover 596 suspicious Bybit-themed domains designed to defraud visitors – Read More  –  

A novel skimming attack has been observed by Jscramber, using the Stripe API to steal payment information by injecting malicious scripts into pages – Read More  –  

A cyber threat actor has claimed to have leaked 144GB of data from Royal Mail users – Read More  –  

Gray bots surge as generative AI scraper activity increases, impacting web applications with millions of requests daily – Read More  –  

Hackers stole $1.67bn of cryptocurrencies in the first quarter of 2025, a 303% increase – Read More  –  

Google has found a significant increase in North Korean actors attempting to gain employment as IT workers in European companies, leading to data theft and extortion – Read More  –  

Gaming community Steam appeared most often in phishing emails and texts detected by Guardio in Q1 2025 – Read More  –  

The UK’s data protection regulator says it is overwhelmed with complaints from the public – Read More  –  

The CERT-UA investigation concluded that the attack’s techniques were “characteristic of Russian intelligence services” – Read More  –  

WP Ultimate CSV Importer flaws expose 20,000 websites to attacks enabling attackers to achieve full site compromise – Read More  –  

A new attack targeting Microsoft Teams users used vishing, remote access tools and DLL sideloading to deploy a JavaScript backdoor – Read More  –  

Google is set to roll out end-to-end encryption for all Gmail users, boosting security, compliance and data sovereignty efforts – Read More  –  

BlueVoyant found that the use of lookalike domains in email-based attacks is allowing actors to extend the types of individuals and organizations being targeted – Read More  –  

A thousand UK service providers will be expected to comply with the forthcoming Cyber Security and Resilience Bill – Read More  –  

CISA recommends immediate action to address malware variant RESURGE exploiting Ivanti vulnerability CVE-2025-0282 – Read More  –  

New “ClickFake Interview” campaign attributed to the Lazarus Group targets crypto professionals with fake job offers – Read More  –  

The funding will go to several projects within the Digital Europe Programme (DIGITAL) work program for 2025 to 2027 – Read More  –  

The UK’s National Cyber Security Agency has called on Next.js users to patch CVE-2025-29927 – Read More  –  

The DoJ has managed to recoup over $8m from scammers, stolen in romance baiting schemes – Read More  –  

The Digital Personal Data Protection Act 2023 (DPDP Act) marks a transformative shift in India’s data privacy landscape, setting… The post The Digital Personal Data Protection (DPDP) Act 2023: Key Challenges and Compliance Framework  appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

Forescout researchers found multiple vulnerabilities in leading solar power system manufacturers, which could be exploited to cause emergencies and blackouts – Read More  –  

Claroty revealed that 89% of healthcare organizations use the top 1% of riskiest Internet-of-Medical-Things (IoMT) devices – Read More  –  

Expert speakers discussed the impact of reported cutbacks to CISA on the ability of local officials to protect against surging cyber-attacks on US election infrastructure – Read More  –  

A PhaaS platform, dubbed ‘Morphing Meerkat,’ uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel – Read More  –  

Newly identified CoffeeLoader uses multiple evasion techniques and persistence mechanisms to deploy payloads and bypass endpoint security – Read More  –  

PJobRAT malware targets Taiwan Android users, stealing data through fake messaging platforms – Read More  –  

The ICO’s Deputy Commissioner told Infosecurity that organizations that fail to implement MFA and suffer a breach can expect heavy penalties – Read More  –  

Once considered inactive, the Chinese cyber espionage group FamousSparrow has reemerged, targeting organizations across the US, Mexico and Honduras – Read More  –  

In an era where data breaches and cyber threats are on the rise, safeguarding sensitive information has become a… The post Vaultless Tokenization and Its Role in PCI DSS Compliance appeared first on JISA Softech Pvt Ltd.  – Read More  – JISA Softech Pvt Ltd 

The UK’s National Crime Agency is warning of a growing cyber and physical threat from homegrown teens – Read More  –  

The UK’s National Cyber Security Centre has released new guidance to help domain registrars enhance security – Read More  –  

In its 2025 Global Third-Party Breach Report, SecurityScorecard has found that 35.5% of all cyber breaches in 2024 were third-party related, up from 29% in 2023 – Read More  –  

Threat actors are exploiting cloud platforms like Adobe and Dropbox to evade email gateways and steal credentials – Read More  –  

A newly discovered malware campaign uses malicious npm packages to deploy reverse shells, compromising development environments – Read More  –  

Standards body ETSI has defined a scheme for key encapsulation mechanisms with access control (KEMAC), enabling quantum-secure encryption – Read More  –  

EU security agency ENISA has released a new report outlining the threats and potential mitigations for the space sector – Read More  –  

The UK government’s new fraud minister will today announce plans for a newly expanded fraud strategy – Read More  –  

McAfee researchers have identified a new wave of Android malware campaigns leveraging .NET MAUI to steal sensitive user information through fake apps – Read More  –  

Cybercriminals are increasingly leveraging Atlantis AIO, which automates credential stuffing attacks across more than 140 platforms – Read More  –  

NIST has urged more research and emphasis on developing mitigations for attacks on AI and ML systems – Read More  –  

Sygnia has uncovered Weaver Ant, a Chinese threat actor that spied on telecommunications networks for years – Read More  –  

Kela researchers detect a 200%+ increase in dark web chatter about malicious AI tools – Read More  –