Cyber Attack

CVE-2025-43400 enables out-of-bounds writes via malicious fonts, risking app crashes and memory corruption on macOS, iOS, and more—no active exploits yet, but RCE potential. Update to Sequoia 15.7.1 immediately for protection against untrusted files.

The 2026 FIFA World Cup's 48 teams, 104 matches across Canada, Mexico, and USA heighten cyber risks from ransomware and hacktivists, targeting tech-reliant infrastructure. Experts urge collaboration, stable CISA funding, and daily best practices to secure the event.

Check Point uncovers Iranian-aligned Nimbus Manticore's (UNC1549) spear-phishing campaign hitting defense, telecom, and aviation in Denmark, Sweden, Portugal. Fake job portals deliver MiniJunk backdoor and MiniBrowse stealer via advanced DLL side-loading—boost phishing defenses now.

XLab exposes the AISURU botnet, a 300,000-node powerhouse driving 11.5 Tbps DDoS peaks since 2025 via Totolink firmware hacks. Led by Snow, Tom, and Forky, it features ideological Easter eggs; rivals leak evidence amid calls for takedown amid escalating threats.

Major cyberattack on Jaguar Land Rover (JLR) causes Tata Motors shares to drop 4% to ₹655.30; production paused until Oct 1 with ₹560 crore weekly losses, potential ₹21,000 crore damage—exceeding annual profit. Experts urge cyber insurance and resilient IT amid auto sector digital risks.

India's universities endure 7,095 weekly cyberattacks—higher than global averages—due to hybrid models, limited resources, and connected campuses. Check Point report highlights RATs, malware risks; experts urge prevention-first security, AI monitoring, and investment to protect data and research.

Rajya Sabha MP Sudha Murty faces cyber scam call impersonating Telecom Ministry, alleging obscene video misuse and Aadhaar linking threats. FIR under IT Act filed in Bengaluru; police trace fraudster amid rising "digital arrest" tactics targeting high-profile figures.

Trend Micro warns of cybercriminals using AI to create fake CAPTCHA pages that trick users into revealing sensitive data, boosting phishing success rates and challenging cybersecurity defenses.

Russian regional airline KrasAvia suffers a cyberattack causing website outage and halting online ticket sales. Flight operations switch to manual control as investigation continues.

Insight Partners suffered a data breach from a social engineering attack that exposed personal data from HR and finance systems. The breach went undetected for nearly three months before ransomware deployment. Affected users receive identity protection.