Browsing: Cyber Incidents

Chinese state-linked hackers have compromised mobile phones connected to senior figures within the UK government, according to findings from ongoing intelligence and security investigations. The breach was detected after authorities identified unauthorized access to communications linked to individuals involved in sensitive government and policy matters. Investigators assess that the operation was designed for silent surveillance and long-term intelligence collection, not for disruption, financial fraud, or data destruction. UK officials concluded that the activity bears the hallmarks of a state-sponsored cyber-espionage operation aligned with Chinese interests, based on technical indicators, infrastructure analysis, and intelligence shared with allied nations. The attackers focused…


A serious case of digital arrest fraud that took place in Surat, Gujarat, has reached a key stage after the main accused was arrested at Delhi International Airport on 26 January 2026. The case involves online fraud worth ₹1.71 crore, carried out by impersonating law-enforcement officials.

How the Incident Happened

The incident began in December 2024, when the victims started receiving calls and WhatsApp video calls from unknown individuals. The callers introduced themselves as police and cyber crime officers. During the calls, the victims were told that their bank accounts were linked to illegal transactions. They were warned that an…


Nike has initiated an internal cybersecurity investigation after a threat actor group calling itself WorldLeaks claimed it had accessed internal company data and threatened public disclosure. The claim surfaced after WorldLeaks listed Nike on its leak site, alleging possession of internal information. At the time of reporting, the group has not released sample data publicly, and no independent verification of data exfiltration has been confirmed. Nike acknowledged awareness of the claim and stated that it is actively reviewing the situation. The company has not confirmed that a breach has occurred and has not disclosed details regarding the nature or scope…


A resident of Lucknow, Uttar Pradesh, has fallen victim to a cyber fraud after being lured by a fake work-from-home job offer, resulting in a financial loss of ₹11.77 lakh, according to a police complaint. The incident came to light after the victim reported the matter to the cyber crime police. The case highlights the growing threat of online job scams targeting individuals through messaging platforms.

How the Fraud Happened

The victim was initially contacted through WhatsApp with an offer of an online work-from-home job involving simple digital tasks. To gain trust, the fraudsters made a few small payments, which…


Cybersecurity researchers have recently identified a new ransomware strain named Osiris. This ransomware is notable because it uses a vulnerable but digitally signed driver to bypass endpoint security solutions before encrypting systems. Unlike common ransomware families that rely mainly on phishing emails or simple malware loaders, Osiris operates at a deeper system level. It abuses a known vulnerable driver, commonly referred to as POORTRY, to gain kernel-level privileges. Once loaded, this driver allows the attacker to disable security products such as EDR and antivirus tools silently. After security protections are neutralized, the ransomware proceeds with encryption. By the time encryption begins,…


On 20 January 2026, the Everest ransomware group publicly claimed that it had breached the internal systems of McDonald’s India and exfiltrated approximately 861 GB of data. The claim was posted on the group’s dark-web leak site, where Everest listed McDonald’s India as a victim and threatened to release the stolen data if ransom demands are not met. Along with the claim, the attackers shared sample screenshots of files that they say were taken from the company’s network. These samples reportedly include internal corporate documents, operational records, and files that may contain employee and customer-related information. At the time of…


Recent cybersecurity disclosures have brought attention to a data exposure incident involving Raaga, a popular Indian music streaming platform. According to publicly available breach reports and security research findings, personal information linked to millions of user accounts was found exposed through an unsecured data source, raising concerns about user privacy and platform security. The incident is being referred to as the Raaga data breach, based on the scale of exposed records and the sensitivity of the information involved.

What Is Known About the Raaga Data Breach

Security researchers reported discovering a database containing user-related records that appeared to be associated…


Microsoft is currently responding to a newly identified Windows zero-day vulnerability that security researchers have confirmed is being actively exploited in real-world attacks. The issue came to light after multiple incident reports showed attackers using the flaw before any official fix was publicly available, which by definition makes it a zero-day. According to the information shared by security researchers, the vulnerability affects a core Windows component that exists across multiple supported versions of the operating system. What makes this case serious is that exploitation was observed before disclosure, indicating that threat actors already had a working exploit while defenders were…


Security researchers have reported a security risk in Google Vertex AI related to its default configuration. The issue allows users with low or read-level permissions to indirectly obtain high-privilege Service Agent access, which can impact enterprise cloud environments. The findings were disclosed by XM Cyber researchers and later reviewed by Google, which stated that the behavior aligns with the current design model. Researchers, however, demonstrated that this design can lead to real-world privilege escalation scenarios.

Overview of the Issue

Vertex AI uses Service Agents, which are Google-managed identities attached automatically to AI components for internal operations. These Service Agents are granted…


Cybersecurity researchers have uncovered a coordinated attack involving five malicious Google Chrome extensions that were falsely presented as tools related to enterprise platforms like Workday and NetSuite. These extensions were designed to silently take control of user accounts inside corporate environments. The extensions appeared legitimate on the surface but were actually created to steal active login sessions and block security response actions.

Malicious Extensions Identified

The following five Chrome extensions were confirmed as part of the same attack campaign: Most of these were published under different developer names, but security researchers confirmed they shared the same internal logic and backend…
