News

Short summaries of the cyber-crime stories moving in India and globally. We link back to the original source — always.

ClickFix Phishing Campaign Mimics Popular Software
Phishing

A sophisticated phishing campaign called ClickFix has been targeting users searching for legitimate software like Tailscale. Attackers create fake websites that closely resemble the genuine product pages, tricking users into downloading malicious files or entering credentials. The campaign exploits search engine results to appear as legitimate alternatives. Once users interact with these fake sites, they risk compromising sensitive information and system security. Indian users should verify URLs carefully before downloading software and use official websites or app stores instead of relying solely on search results. Enable two-factor authentication on important accounts for additional protection. Source: Cybersecurity Research.

via HN: phishing
Hackers Using AI to Create Exploits and Autonomous Malware
Malware

Google's threat intelligence team reports that cybercriminals are increasingly using artificial intelligence for sophisticated attacks. Threat actors have leveraged AI to discover vulnerabilities and develop zero-day exploits for mass exploitation campaigns. State-sponsored groups from China and North Korea are actively pursuing AI-based vulnerability discovery methods. Hackers are also using AI to generate polymorphic malware that evades security defenses through automated obfuscation. A particularly concerning development is autonomous malware like PROMPTSPY, which uses AI models to interpret systems and dynamically generate attack commands without human intervention. This represents a shift toward scaled, adaptive cyber operations where AI handles operational tasks independently. Source: Google Threat Intelligence Group.

via RSS: Mandiant Blog
AI-Powered Device Code Phishing Attacks on Rise
Phishing

Cybercriminals are leveraging artificial intelligence to enhance device code phishing campaigns, making attacks more sophisticated and difficult to detect. Device code phishing exploits the OAuth authentication flow by tricking users into authorizing malicious applications through fake login prompts. The AI component enables attackers to personalize messages, improve targeting accuracy, and automate large-scale campaigns efficiently. These attacks often bypass traditional security measures by appearing legitimate and requesting device code verification instead of passwords directly. Indian users should remain vigilant when approving device authentications and verify application legitimacy before granting permissions. Organizations are advised to implement multi-factor authentication and user awareness training to mitigate risks. Source: Cybersecurity industry reports.

via HN: phishing
LPG Customers Face New Fake OTP Scam
Phishing

Liquefied petroleum gas (LPG) customers in India are being targeted by a new fraudulent scheme involving fake one-time passwords (OTPs). Scammers are impersonating legitimate LPG providers and sending fake OTP messages to customers' mobile phones. These messages appear authentic and aim to trick users into revealing sensitive information or authorizing unauthorized transactions. Victims may experience unauthorized access to their accounts, leading to financial losses or service disruptions. Authorities advise customers to never share OTPs with anyone, verify caller identity through official channels, and report suspicious messages to their LPG provider immediately. Source: INDToday.

via GoogleNews: OTP scam
LPG Suppliers Warn Against OTP-Based Delivery Fraud
Social Engineering

India's major LPG distributors—Indane, HP Gas, and Bharat Gas—have issued alerts to customers regarding fraudulent delivery schemes exploiting one-time passwords (OTPs). Scammers are targeting consumers by impersonating delivery personnel and tricking them into sharing OTPs, which are then misused to authorize unauthorized transactions or divert genuine deliveries. The gas companies urge customers to never share OTPs with anyone, verify caller identities before providing credentials, and report suspicious activities immediately. This advisory highlights the growing menace of social engineering attacks targeting essential commodity deliveries in India. Source: The Indian Express.

via GoogleNews: OTP scam
LPG Firms Combat OTP Fraud with New Safety Measures
Social Engineering

Major LPG distributors Indane, HPCL, and Bharat Gas have introduced updated guidelines to prevent OTP-based delivery scams affecting Indian consumers. Fraudsters have been intercepting one-time passwords sent during online LPG bookings and delivery processes, enabling unauthorized cylinder refills and financial losses. The new protocols include improved verification procedures, customer alerts about OTP sharing risks, and stricter authentication methods. These measures aim to protect users from falling victim to social engineering tactics where scammers pose as delivery personnel or company representatives to extract sensitive information. Consumers are urged to never share OTPs with anyone and verify official contacts directly through registered helplines. Source: Hindustan Times.

via GoogleNews: OTP scam
AI Tournament Tests Email Security Against Phishing Attacks
Phishing

Researchers have created Phishing Arena, a competitive framework where multiple artificial intelligence agents face off to study email security threats. This tournament-style setup uses large language models (LLMs) to simulate both attackers and defenders, helping identify vulnerabilities in email-based phishing defenses. By pitting AI agents against each other in realistic scenarios, scientists can better understand how sophisticated phishing attacks work and develop stronger protection mechanisms. The research provides valuable insights into adversarial tactics and contributes to improving email security systems that protect users from fraudulent messages designed to steal credentials and personal information. This approach helps organizations anticipate emerging phishing techniques before they're deployed in real-world attacks. Source: Security Research Publication.

via HN: phishing
Canvas Hack Marks New Ransomware Attack Pattern
Ransomware

A newly identified ransomware campaign dubbed 'Canvas' represents a distinct threat in the cybersecurity landscape, employing novel attack techniques that differ from traditional ransomware operations. The attack demonstrates sophisticated methods for infiltrating systems and encrypting critical data while threatening data exposure. Security researchers have identified unique characteristics in the Canvas malware's behavior, including its distribution mechanism and encryption protocols. This emerging threat highlights evolving cybercriminal tactics that pose significant risks to organizations globally. Cybersecurity experts recommend implementing robust backup strategies, network segmentation, and updated security protocols to defend against this new ransomware variant. The discovery underscores the importance of continuous threat monitoring and incident response preparedness. Source: WIRED.

via GoogleNews: ransomware global
Major Education Platform Canvas Hit by Data Extortion Attack
Ransomware

A cybercriminal group has launched a data extortion attack against Canvas, a widely used educational technology platform serving thousands of schools and universities across the United States. The attackers defaced the platform's login page with a ransom demand, threatening to leak personal information of approximately 275 million students and faculty members from nearly 9,000 educational institutions. The breach has caused significant operational disruption, interrupting classes and coursework nationwide. Such attacks on educational infrastructure highlight the vulnerability of institutions handling sensitive student data and the growing sophistication of cybercriminals targeting the education sector. Source: Cybersecurity news outlet.

via Krebs on Security
Operation Sindoor One Year On: India's Cyber Defense Review
Cyber Law (India)

Operation Sindoor, India's cyber security initiative, completes its first year of implementation. The operation focuses on strengthening the nation's cyber preparedness and defense mechanisms against growing digital threats. Officials assess progress in establishing robust cybersecurity frameworks, enhancing incident response capabilities, and coordinating across government agencies. The review examines achievements in threat detection, infrastructure protection, and public awareness campaigns. India continues developing its cyber defense strategy to counter evolving threats from cybercriminals and state-sponsored actors. The assessment provides insights into current readiness levels and identifies areas requiring further strengthening to protect critical infrastructure and citizen data. Source: Observer Research Foundation.

via GoogleNews: cyber attack India
Multi-State Gang Arrested for Deepfake-Based Aadhaar Loan Scam
Identity Theft

Authorities have arrested members of an interstate criminal network that exploited deepfake technology to commit fraud using Aadhaar identities. The gang created synthetic videos and manipulated biometric data to illegally secure loans by impersonating victims. This sophisticated scheme targeted the Aadhaar system, India's unique identification platform, to gain unauthorized access to financial services. The arrest highlights growing concerns about deepfake misuse in identity fraud and points to vulnerabilities in loan verification processes. Investigators recovered digital evidence and financial records from the accused. This case underscores the need for stronger authentication measures and awareness about deepfake threats among financial institutions and citizens. Source: NDTV.

via GoogleNews: deepfake scam
Q1 2026 Vulnerability Trends and Security Landscape
Malware

Security researchers have analyzed the vulnerability landscape for the first quarter of 2026, identifying emerging threats and attack vectors facing organizations globally. The report highlights key vulnerability trends, including newly discovered exploits, affected software systems, and critical security gaps that cybercriminals are actively targeting. Understanding these vulnerability patterns helps Indian businesses and individuals strengthen their defenses against potential cyber attacks. The analysis provides insights into which systems remain most vulnerable and recommends prioritizing security patches and updates. Organizations are advised to monitor these vulnerability developments closely and implement timely security measures to protect their digital assets and user data from exploitation. Source: Securelist.

via GoogleNews: vulnerability CVE