News

Short summaries of the cyber-crime stories moving in India and globally. We link back to the original source — always.

New Malware Discovered in npm Package Linked to DPRK Attacks
Malware


Cybersecurity experts found that malicious code was embedded within the npm package named '@validate-sdk/v2'. This package is marketed as a software development kit (SDK) for various functions, including hashing and validation. The researchers linked this suspicious activity to North Korean cybercriminals, who are reportedly using artificial intelligence to enhance their attack methods. The package was used as a dependency in a project associated with Anthropic's Claude Opus language model. Users are advised to exercise caution when downloading and utilizing npm packages, as malicious software can pose serious risks.

via The Hacker News

CERT-In alerts MSMEs to AI-powered cyberattacks
Malware


India's Computer Emergency Response Team (CERT-In) has issued a warning to micro, small, and medium enterprises (MSMEs) about escalating cybersecurity threats powered by artificial intelligence. The advisory highlights how attackers are increasingly leveraging AI tools to conduct sophisticated attacks against small businesses, which often lack robust security infrastructure. CERT-In recommends MSMEs implement enhanced security measures, conduct regular employee training on cyber threats, and establish incident response protocols. The warning emphasizes that AI-driven attacks can be more targeted and difficult to detect than traditional methods. Businesses are urged to stay vigilant and report suspicious activities to authorities. Source: The Cyber Express.

via GoogleNews: CERT-In advisory

Cert-In warns of AI-driven cyber threats, shares safety measures
Malware


India's Computer Emergency Response Team (Cert-In) has issued a warning about emerging cybersecurity threats powered by artificial intelligence. The advisory highlights how AI technologies are being exploited by cybercriminals to launch more sophisticated attacks. Cert-In has outlined specific protection measures for individuals and organizations to defend against these AI-led threats. The guidance emphasizes the importance of staying updated with security patches, using strong authentication methods, and maintaining vigilance against evolving attack vectors. As AI-powered cyberattacks become increasingly prevalent, following these recommended security practices can help reduce vulnerability to malicious activities and data compromise incidents. Source: Business Standard.

via GoogleNews: CERT-In advisory

Cert-In alerts MSMEs on AI model risks to cybersecurity
Malware


India's Computer Emergency Response Team (Cert-In) has issued a warning to micro, small, and medium enterprises (MSMEs) regarding potential cybercrime threats posed by advanced AI models, including Anthropic's Mythos. The alert highlights how sophisticated artificial intelligence systems could be misused by cybercriminals to conduct large-scale attacks, social engineering schemes, and automated fraud. Cert-In recommends that MSMEs implement robust security protocols, employee training, and monitoring systems to defend against AI-enabled threats. Organizations are advised to stay updated on emerging AI-based attack vectors and adopt preventive measures. Source: The Times of India.

via GoogleNews: CERT-In advisory

CERT-In Warns of Frontier AI Security Risks
Malware


India's Computer Emergency Response Team (CERT-In) has identified frontier artificial intelligence systems as an emerging cybersecurity threat. The warning highlights risks associated with advanced AI technologies that could be exploited for malicious purposes. As AI capabilities expand rapidly, security experts caution that these systems may be leveraged for sophisticated cyber attacks, including automated threat generation and adaptive malware creation. Organizations are advised to implement robust security measures and stay updated on AI-related vulnerabilities. CERT-In continues monitoring the evolving threat landscape to protect India's digital infrastructure from potential AI-driven attacks. Source: The420.in.

via GoogleNews: CERT-In advisory

CERT-In Warns Against AI-Powered Cyber Attacks
Malware


India's Computer Emergency Response Team (CERT-In) has released a security advisory cautioning MSMEs, organizations, and individuals about the rising threat of artificial intelligence-driven cyber attacks. The advisory highlights how threat actors are increasingly leveraging AI technologies to launch more sophisticated and targeted attacks. CERT-In recommends implementing robust security measures, keeping systems updated, and training employees on cybersecurity best practices to defend against these evolving threats. Organizations are advised to maintain regular backups and establish incident response protocols. The advisory emphasizes the importance of staying vigilant as cybercriminals continue to adopt advanced technologies for malicious purposes. Source: Moneycontrol.com.

via GoogleNews: CERT-In advisory

Mythos threat prompts Indian agencies to review cyber defenses
Malware


Following the emergence of Mythos, India's cybersecurity authority CERT-In has initiated a comprehensive risk assessment across the telecommunications and banking sectors. Financial institutions and telecom operators are evaluating their current security infrastructure and vulnerability management protocols. The development underscores growing concerns about sophisticated cyber threats targeting critical infrastructure in India. Banks and telecom companies are coordinating with regulatory bodies to strengthen defenses against potential attacks. This proactive measure aims to identify and mitigate weaknesses before adversaries can exploit them, ensuring continued protection of sensitive financial and communications systems across the country. Source: MediaNama.

via GoogleNews: CERT-In advisory

Firestarter Malware Evades Cisco Firewall Protections
Malware


Security agencies in the U.S. and U.K. have issued warnings regarding a malware called Firestarter. This malicious software has been found to remain active on Cisco Firepower and Secure Firewall devices that utilize Adaptive Security Appliance (ASA) or Firepower Threat Defense (FTD) software. Despite recent security patches and updates intended to counter threats, Firestarter has proven resilient. Users of these Cisco devices are advised to remain vigilant and consider additional security measures to protect their systems from this persistent malware. Regular monitoring and prompt updates are crucial to mitigate potential risks.

via BleepingComputer

Cisco Firepower Device Compromised by FIRESTARTER Malware
Malware


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported that a Cisco Firepower device used by a federal agency was compromised in September 2025 by malware known as FIRESTARTER. This malware acts as a backdoor, allowing unauthorized remote access to the device. Despite efforts to patch the system, FIRESTARTER reportedly continues to function, posing ongoing security risks. The malware was also assessed by the U.K.'s National Cyber Security Centre (NCSC). This incident highlights vulnerabilities in cybersecurity measures that can be exploited even after updates are applied. Organizations using similar technology should remain vigilant and enhance their security protocols.

via The Hacker News

Chinese APT Group Targets Home Routers and Japanese Entities
Malware


A Chinese state-sponsored cyber group known as Tropic Trooper has been expanding its tactics and targets. This group has historically employed rapid attack methods and unconventional strategies. Recently, it has begun focusing more on home routers and various Japanese organizations. Its range of tools and techniques suggests an evolving threat landscape, calling for increased vigilance among users and companies alike. The group's actions underline the importance of securing network devices to prevent potential compromises. Organizations are advised to bolster their cybersecurity measures and stay informed about emerging threats.

via Dark Reading

Critical Vulnerability Found in Breeze Cache WordPress Plugin
Malware


A significant security flaw has been discovered in the Breeze Cache plugin used for WordPress. This vulnerability enables hackers to upload unauthorized files to a web server without the need for proper authentication. As a result, site owners using this plugin are advised to update it immediately to prevent potential exploitation. The flaw underscores the importance of maintaining up-to-date security measures for website plugins to safeguard against hacking attempts. Website administrators should review their current plugin usage and ensure that all software is current to mitigate security risks.

via BleepingComputer

China-Backed Groups Develop New Botnet Attacks
Malware


State-sponsored hacking groups from China are increasingly utilizing networks of compromised devices, known as botnets, to carry out cyberattacks. This approach allows them to conduct operations with reduced costs and risks, while maintaining a level of deniability. By industrializing their methods, these hackers can effectively manage large-scale attacks without drawing significant attention. This trend raises concerns over the security of internet-connected devices globally, as compromised devices can be exploited for various malicious activities including data theft and further cyber intrusions. Awareness and proactive measures are necessary to safeguard against such threats.

via Dark Reading