News

Short summaries of the cyber-crime stories moving in India and globally. We link back to the original source — always.

Cert-In alerts MSMEs on AI model risks to cybersecurity
Malware


India's Computer Emergency Response Team (CERT-In) has issued a warning to micro, small, and medium enterprises (MSMEs) regarding potential cybercrime threats posed by advanced AI models, including Anthropic's Mythos. The alert highlights how sophisticated artificial intelligence systems could be misused by cybercriminals to conduct large-scale attacks, social engineering schemes, and automated fraud. CERT-In recommends that MSMEs implement robust security protocols, employee training, and monitoring systems to defend against AI-enabled threats. Organizations are advised to stay updated on emerging AI-based attack vectors and adopt preventive measures. Source: The Times of India.

via GoogleNews: CERT-In advisory

WhatsApp Removes 9,400 Scam Accounts; SC Examines Digital Arrest Fraud
Social Engineering


WhatsApp has taken action against fraudulent activity in India by banning 9,400 scam-related accounts from its platform. The move comes as India's Supreme Court reviews the growing menace of digital arrest scams, where criminals impersonate law enforcement officials to extort money from unsuspecting victims. These frauds typically involve threats of legal action and arrest warrants to coerce victims into transferring funds. The Supreme Court's intervention highlights the serious nature of such crimes affecting Indian citizens. WhatsApp's account bans represent the platform's effort to combat misuse, though experts suggest users remain vigilant against social engineering tactics employed by scammers. Source: Daily Pioneer.

via GoogleNews: WhatsApp scam

Mythos threat prompts Indian agencies to review cyber defenses
Malware


Following the emergence of Mythos, India's cybersecurity authority CERT-In has initiated a comprehensive risk assessment across the telecommunications and banking sectors. Financial institutions and telecom operators are evaluating their current security infrastructure and vulnerability management protocols. The development underscores growing concerns about sophisticated cyber threats targeting critical infrastructure in India. Banks and telecom companies are coordinating with regulatory bodies to strengthen defenses against potential attacks. This proactive measure aims to identify and mitigate weaknesses before adversaries can exploit them, ensuring continued protection of sensitive financial and communications systems across the country. Source: MediaNama.

via GoogleNews: CERT-In advisory

CERT-In Warns of Frontier AI Security Risks
Malware


India's Computer Emergency Response Team (CERT-In) has identified frontier artificial intelligence systems as an emerging cybersecurity threat. The warning highlights risks associated with advanced AI technologies that could be exploited for malicious purposes. As AI capabilities expand rapidly, security experts caution that these systems may be leveraged for sophisticated cyber attacks, including automated threat generation and adaptive malware creation. Organizations are advised to implement robust security measures and stay updated on AI-related vulnerabilities. CERT-In continues monitoring the evolving threat landscape to protect India's digital infrastructure from potential AI-driven attacks. Source: The420.in.

via GoogleNews: CERT-In advisory

CERT-In Warns Against AI-Powered Cyber Attacks
Malware


India's Computer Emergency Response Team (CERT-In) has released a security advisory cautioning MSMEs, organizations, and individuals about the rising threat of artificial intelligence-driven cyber attacks. The advisory highlights how threat actors are increasingly leveraging AI technologies to launch more sophisticated and targeted attacks. CERT-In recommends implementing robust security measures, keeping systems updated, and training employees on cybersecurity best practices to defend against these evolving threats. Organizations are advised to maintain regular backups and establish incident response protocols. The advisory emphasizes the importance of staying vigilant as cybercriminals continue to adopt advanced technologies for malicious purposes. Source: Moneycontrol.com.

via GoogleNews: CERT-In advisory

India Seeks Access to AI Model for Cybersecurity Ahead of Public Release
Cyber Law (India)


Anthropic, an AI firm, is in discussions with various governments, including India, about enhancing cybersecurity measures before the public launch of its Claude Mythos AI model. This model is expected to reveal major vulnerabilities that could pose risks to critical infrastructure. As the Indian tech industry, represented by Nasscom, pushes for early access to the model, the government aims to better prepare for potential cyber threats. The collaboration is seen as vital for strengthening India's defenses against evolving cyber risks.

via Economic Times Tech

ADT Confirms Data Breach Following Threat from ShinyHunters Group
Data Breaches


ADT, a leading home security company, has acknowledged a data breach after being targeted by the ShinyHunters hacking group. This group has reportedly attempted to extort ADT, threatening to release sensitive data unless a ransom is paid. Such breaches underline the growing risks to personal information held by companies, causing concern among customers about the safety of their data. ADT is likely to be investigating the extent of the breach and taking necessary steps to enhance its security measures. Customers are advised to monitor their accounts closely for any suspicious activity.

via BleepingComputer

Firestarter Malware Evades Cisco Firewall Protections
Malware


Security agencies in the U.S. and U.K. have issued warnings regarding a malware called Firestarter. This malicious software has been found to remain active on Cisco Firepower and Secure Firewall devices that utilize Adaptive Security Appliance (ASA) or Firepower Threat Defense (FTD) software. Despite recent security patches and updates intended to counter threats, Firestarter has proven resilient. Users of these Cisco devices are advised to remain vigilant and consider additional security measures to protect their systems from this persistent malware. Regular monitoring and prompt updates are crucial to mitigate potential risks.

via BleepingComputer

OpenAI Offers Cash Reward for Bypassing New AI Model's Safety Features
Social Engineering


OpenAI has introduced a 'bug bounty' program that offers a reward of $25,000 to security researchers who can find ways to bypass the safety features of its latest AI model, GPT-5.5. This initiative aims to encourage vetted experts to identify and report 'jailbreak' prompts that could potentially exploit weaknesses in the model. By engaging external researchers, OpenAI is taking significant steps towards enhancing AI safety and ensuring that its technologies remain secure against adversarial threats. This proactive approach reflects the company's commitment to maintaining high standards in AI development and deployment.

via Economic Times Tech

Cisco Firepower Device Compromised by FIRESTARTER Malware
Malware


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported that a Cisco Firepower device used by a federal agency was compromised in September 2025 by malware known as FIRESTARTER. This malware acts as a backdoor, allowing unauthorized remote access to the device. Despite efforts to patch the system, FIRESTARTER reportedly continues to function, posing ongoing security risks. The malware was also assessed by the U.K.'s National Cyber Security Centre (NCSC). This incident highlights vulnerabilities in cybersecurity measures that can be exploited even after updates are applied. Organizations using similar technology should remain vigilant and enhance their security protocols.

via The Hacker News

Myanmar Fraud Network Targeting US Citizens Dismantled
Investment Fraud


US authorities have charged 29 individuals, including a Cambodian senator, for their involvement in a financial fraud scheme aimed at American citizens. The investigation led to the seizure of over 500 web domains linked to fraudulent investment websites. These sites were allegedly designed to scam individuals by promoting fake investment opportunities. Such operations highlight the ongoing issues of online scams that have far-reaching impacts beyond national borders. It serves as a reminder for internet users to exercise caution when engaging in online investments or financial transactions.

via Dark Reading

Chinese Phishing Scheme Targets NASA Employees for Defense Data
Phishing


NASA's Office of Inspector General reported on a phishing scheme where a Chinese national impersonated a U.S. researcher to steal sensitive information from NASA and various other entities, including the government, educational institutions, and private companies. This operation aimed to gather critical data unlawfully in violation of export control laws. The incident highlights the ongoing risks of cyber-attacks on organizations involved in national defense and space exploration, emphasizing the need for heightened cybersecurity measures and awareness among employees. Such campaigns can severely impact national security and industry integrity.

via The Hacker News