News

Short summaries of the cyber-crime stories moving in India and globally. We link back to the original source — always.

MFA Prompt Bombing: When Second Factor Authentication Fails
Social Engineering

Multi-factor authentication (MFA) was designed to prevent unauthorized access even when passwords are compromised. However, attackers have discovered a simpler approach: instead of stealing the second authentication factor, they manipulate users into voluntarily providing it. This technique, known as MFA prompt bombing, exploits human psychology by overwhelming users with repeated authentication requests until they approve access out of frustration or confusion. The attack bypasses traditional security measures by targeting the user rather than the technology. Organizations relying solely on MFA should implement additional safeguards like notification monitoring and user education to recognize such social engineering tactics. Source: Security Industry Publication.

via The Hacker News

CERT-In Issues 12-Hour Patching Directive Against AI-Driven Attacks
Cyber Law (India)

India's CERT-In has released updated guidelines requiring organizations to patch critical vulnerabilities in internet-facing systems within 12 hours when feasible. This directive addresses growing concerns about threat actors leveraging artificial intelligence tools and large language models to automate vulnerability discovery and exploitation. The accelerated patching timeline aims to reduce the window of opportunity for attackers using AI-assisted techniques to compromise systems. Organizations are advised to prioritize remediation of internet-exposed flaws to strengthen their security posture against evolving AI-powered cyber threats. Source: CERT-In Advisory.

via The Hacker News

AI Governance Must Be Built Into Release Process, Not Added Later
Cyber Law (India)

Traditional compliance approaches treat governance as a final review step after product development. This model fails for AI systems that continuously evolve—retrieval indices update, new tools are added, and evaluations become outdated between review cycles. Most organizations still govern AI like traditional software: build, ship, then seek legal approval. This leaves critical changes unmonitored. Chinese AI companies demonstrate an alternative: embedding governance directly into deployment pipelines as release infrastructure. Compliance checkpoints become mandatory gates before launch, not post-release reviews. This approach requires tracking live retrieval indices, setting output-monitoring thresholds, and tying model evaluations to enforceable release gates. Making governance part of the product development process rather than an external audit layer better addresses AI's dynamic nature and ensures safety throughout the system's lifecycle. Source: Original tech publication.

via RSS: CSO Online

US agencies ordered to patch Drupal SQL vulnerability
Malware

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered all federal agencies to patch a critical SQL injection vulnerability in Drupal, a widely used content management system. The vulnerability is being actively exploited by threat actors in the wild. Agencies have been given a strict deadline of Wednesday evening to secure their systems. SQL injection flaws allow attackers to manipulate database queries, potentially leading to unauthorized data access, modification, or deletion. This vulnerability poses significant risk to government infrastructure and sensitive data. Organizations worldwide using Drupal should also prioritize applying security patches immediately. Source: CISA.

via RSS: BleepingComputer

Six arrested in Rs 24 crore Bengaluru digital arrest scam
Social Engineering

Bengaluru police have arrested six individuals involved in a massive Rs 24 crore fraud scheme operating under the guise of 'digital arrest'. The scam involved impersonating law enforcement and financial officials to deceive victims into transferring money. Perpetrators used social engineering tactics, claiming victims had violated financial regulations or were involved in illegal activities. They pressured victims to move funds to fake secure accounts controlled by the criminals. The operation targeted multiple victims across the city, demonstrating the sophistication of cyber-fraudsters exploiting citizens' fear of legal consequences. Authorities recovered substantial amounts during the arrests and are investigating the network's full extent. Source: MSN.

via GoogleNews: digital arrest scam

Windows Server 2016 Domain Lookup Issue After Security Update
Cyber Law (India)

Microsoft has identified a bug in Windows Server 2016 systems following installation of the KB5087537 May 2026 security patch. The issue prevents domain controller lookups from functioning properly, potentially disrupting network authentication and directory services. Affected organizations may experience connectivity problems within their Active Directory infrastructure. Microsoft is investigating the matter and working on a resolution. Administrators managing Windows Server 2016 environments should monitor system performance and consider delaying the update deployment until a fix is released. This known issue highlights the importance of testing security patches in non-production environments before full rollout. Source: Microsoft.

via RSS: BleepingComputer

Iranian hackers target aviation, software sectors with malware
Malware

A state-sponsored Iranian hacking group known as Nimbus Manticore has launched a new cyber campaign using phishing emails and search engine manipulation. The attackers impersonate legitimate organizations in the aviation and software industries to target users across the United States, Europe, and the Middle East. The campaign deploys malware variants called MiniFast and MiniJunk V2. Security researchers attribute this activity to geopolitical tensions following military operations in late February 2026. The group uses deceptive tactics to trick victims into downloading malicious files. Indian users should remain cautious of suspicious emails claiming to be from aviation or software companies and verify sender authenticity before opening attachments. Source: Cybersecurity News.

via The Hacker News

7-Eleven breach exposes data of 185,000 customers
Data Breaches

Cybercriminal group ShinyHunters compromised 7-Eleven's systems in April, stealing personal information of over 183,000 individuals, according to Have I Been Pwned, a data breach notification service. The convenience store chain fell victim to the extortion-focused gang, which gained unauthorized access to customer records. Affected individuals may face identity theft and fraud risks. 7-Eleven customers should monitor their accounts for suspicious activity and consider placing fraud alerts with credit bureaus. The breach highlights ongoing security vulnerabilities in retail sector databases, emphasizing the need for stronger cybersecurity measures among major corporations handling sensitive customer data. Source: Have I Been Pwned.

via RSS: BleepingComputer

Zero-Knowledge Encryption May Not Prevent Server Hack Password Theft
Data Breaches

Zero-knowledge encryption, a security method designed to protect user privacy, may fail to prevent password theft during server breaches. Even with this advanced encryption technique, if attackers gain unauthorized access to servers, they could potentially extract stored passwords. Security experts warn that zero-knowledge encryption alone is insufficient protection. Organizations must implement multi-layered security measures including strong authentication protocols, regular security audits, and immediate breach response procedures. Users are advised to enable two-factor authentication and use unique passwords across platforms. This highlights the importance of comprehensive cybersecurity strategies beyond encryption alone. Source: Original publication.

via HN: zero day

LMS Vulnerability Exploited to Deploy Malware
Malware

A high-severity flaw in Digital Knowledge's KnowledgeDeliver Learning Management System (CVE-2026-5426, CVSS 7.5) was exploited by attackers before being patched. The vulnerability, caused by hard-coded ASP.NET machine keys, allowed attackers to deploy the Godzilla web shell and subsequently launch Cobalt Strike Beacon malware. The LMS is widely used in educational institutions, particularly in Japan. Organizations running affected versions should apply patches immediately to prevent unauthorized access and malware installation. Source: Cybersecurity News.

via RSS: The Hacker News

Italian Telecom Firm BASE Hit by SpaceBears Ransomware
Ransomware

Italian telecommunications company BASE S.p.A. has fallen victim to a ransomware attack attributed to the SpaceBears threat group. The attackers encrypted the company's systems and likely exfiltrated sensitive data. BASE S.p.A. is one of Italy's major mobile network operators serving millions of customers. This incident highlights the growing threat ransomware poses to critical infrastructure and telecom providers across Europe. Organizations are advised to maintain robust backup systems, implement multi-factor authentication, and develop incident response plans to mitigate ransomware risks. Source: DeXpose.

via GoogleNews: ransomware global

WhatsApp Removes 9,400 Digital Arrest Scam Accounts
Social Engineering

WhatsApp has banned approximately 9,400 accounts involved in digital arrest scams operating across India, according to information presented to the Supreme Court. These fraudulent accounts were being used to deceive users through fake police impersonation and threats of legal action. The messaging platform's action represents efforts to curb the growing menace of digital arrest scams that have victimized thousands of Indians. The government highlighted these enforcement measures during court proceedings, demonstrating coordinated responses between tech platforms and authorities to combat organized online fraud targeting vulnerable citizens. Source: MSN.

via GoogleNews: WhatsApp scam