Cyber Attack

New research reveals Telegram as the primary tool for 120+ hacktivist groups to plan DDoS strikes via 11,000 posts and hashtags-exposing worldwide targets. Learn to monitor threats, bolster DDoS defenses, and stay ahead of visible cyber tactics.

GreyNoise reports a 500% spike in attacks on Palo Alto GlobalProtect portals, with 2,200 unique IPs probing SSL VPNs via automated brute-force from US-heavy clusters. Dataset of credentials released; links to Cisco ASA scans suggest broader remote access threats—block IPs and monitor logs now.

Microsoft alerts on cybercriminals and state actors abusing Teams' messaging, calls, and sharing for full attack lifecycle—from reconnaissance with TeamsEnum to exfiltration via GraphRunner and extortion by Octo Tempest. Harden identities, monitor anomalies, and train users to mitigate.

Jammu Cyber Police cracks ₹4.44 crore online fraud, nabbing three Surat suspects for "digital arrest" scam that coerced a businessman via fake law enforcement threats using Aadhaar/SIM data. FIR under IT Act & BNS filed; report scams to 1930 helpline to stay safe.

A hacker alleges stealing Huawei's source code, dev tools, scripts, and manuals in a major breach, offering them on dark web forums—echoing past espionage fears from U.S. warnings, Vodafone backdoors, and NSA hacks. Investigation ongoing amid global security risks.

LayerX uncovers CometJacking, exploiting Perplexity’s AI browser via malicious URLs to steal Gmail/Calendar data—tricks AI into Base64-encoded exfiltration, bypassing safeguards. Urgent call for AI security-by-design amid rising agentic threats.

CVE-2025-43400 enables out-of-bounds writes via malicious fonts, risking app crashes and memory corruption on macOS, iOS, and more—no active exploits yet, but RCE potential. Update to Sequoia 15.7.1 immediately for protection against untrusted files.

The 2026 FIFA World Cup's 48 teams, 104 matches across Canada, Mexico, and USA heighten cyber risks from ransomware and hacktivists, targeting tech-reliant infrastructure. Experts urge collaboration, stable CISA funding, and daily best practices to secure the event.

Check Point uncovers Iranian-aligned Nimbus Manticore's (UNC1549) spear-phishing campaign hitting defense, telecom, and aviation in Denmark, Sweden, Portugal. Fake job portals deliver MiniJunk backdoor and MiniBrowse stealer via advanced DLL side-loading—boost phishing defenses now.

XLab exposes the AISURU botnet, a 300,000-node powerhouse driving 11.5 Tbps DDoS peaks since 2025 via Totolink firmware hacks. Led by Snow, Tom, and Forky, it features ideological Easter eggs; rivals leak evidence amid calls for takedown amid escalating threats.