cyber news

The Week in Vulnerabilities: SolarWinds, Ivanti, and Critical ICS Exposure

cyber news, vulnerability, vulnerability management /

The Week in Vulnerabilities: SolarWinds, Ivanti, and Critical ICS Exposure 2026-02-19 at 14:07 By Ashish Khaitan Cyble Research & Intelligence Labs (CRIL) tracked 1,158 vulnerabilities last week. Of these, 251 vulnerabilities already have publicly available Proof-of-Concept (PoC) exploits, significantly increasing the likelihood of real-world attacks.  A total of 94 vulnerabilities were rated critical under CVSS v3.1, while 43 were rated […]

The Week in Vulnerabilities: SolarWinds, Ivanti, and Critical ICS Exposure Read More »

India’s AI Revolution: Why This Is India’s Most Significant Moment

cyber news, cybersecurity /

India’s AI Revolution: Why This Is India’s Most Significant Moment 2026-02-19 at 12:07 By Ashish Khaitan By Beenu Arora, Co-Founder and CEO, Cyble  I believe we’re witnessing the most significant event India has ever experienced. The nation stands at the cusp of a major global shift, and I want to share why I’m so bullish about India’s role in the AI

India’s AI Revolution: Why This Is India’s Most Significant Moment Read More »

How the Protective Security Policy Framework Shapes Australia’s Commonwealth Cyber Security Strategy 

ANZ, cyber news, cybersecurity, Threat Intelligence /

How the Protective Security Policy Framework Shapes Australia’s Commonwealth Cyber Security Strategy  2026-02-16 at 13:41 By Ashish Khaitan The Australian government has intensified efforts to protect digital infrastructure across all Commonwealth entities. Two recent publications, the 2024–25 Protective Security Policy Framework (PSPF) Assessment Report and the 2025 Commonwealth Cyber Security Posture Report, offer a comprehensive snapshot of current achievements, challenges, and future priorities in government cyber resilience.  The PSPF Assessment Report highlights

How the Protective Security Policy Framework Shapes Australia’s Commonwealth Cyber Security Strategy  Read More »

When AI Secrets Go Public: The Rising Risk of Exposed ChatGPT API Keys

cyber news /

When AI Secrets Go Public: The Rising Risk of Exposed ChatGPT API Keys 2026-02-12 at 13:16 By rohansinhacyblecom Executive Summary Cyble Research and Intelligence Labs (CRIL) observed large-scale, systematic exposure of ChatGPT API keys across the public internet. Over 5,000 publicly accessible GitHub repositories and approximately 3,000 live production websites were found leaking API keys

When AI Secrets Go Public: The Rising Risk of Exposed ChatGPT API Keys Read More »

France’s Cybersecurity Roadmap: Talent, Deterrence, and European Digital Sovereignty

cyber news, cybersecurity, telecommunications /

France’s Cybersecurity Roadmap: Talent, Deterrence, and European Digital Sovereignty 2026-02-05 at 14:03 By Ashish Khaitan Introduction  France has released its National Cybersecurity Strategy for 2026-2030, and the document reveals an ambitious vision that extends far beyond traditional defense postures. Under the directive of President Emmanuel Macron, who frames cybersecurity as “a prerequisite for freedom” and “a strategic

France’s Cybersecurity Roadmap: Talent, Deterrence, and European Digital Sovereignty Read More »

Desperate Perth Renters Targeted by Rising Australian Housing Scam

ANZ, cyber news, cybercrime, fraud, social engineering, Tech Scam /

Desperate Perth Renters Targeted by Rising Australian Housing Scam 2026-02-02 at 15:39 By Ashish Khaitan For many residents in Perth, finding a rental has become a high-stakes challenge. As demand for housing surges, a troubling trend has just been revealed. An Australian housing scam preying on renters who are willing to stretch every dollar to secure a

Desperate Perth Renters Targeted by Rising Australian Housing Scam Read More »

The Week in Vulnerabilities: Cyble Urges Oracle, OpenStack Fixes

cyber news, vulnerability, vulnerability management /

The Week in Vulnerabilities: Cyble Urges Oracle, OpenStack Fixes 2026-01-28 at 12:33 By Ashish Khaitan Cyble Vulnerability Intelligence researchers tracked 1,031 vulnerabilities in the last week, and nearly 200 already have a publicly available Proof-of-Concept (PoC), significantly increasing the likelihood of real-world attacks on those vulnerabilities.  A total of 72 vulnerabilities were rated as critical under the CVSS v3.1 scoring system, while 33 received a critical severity rating based on

The Week in Vulnerabilities: Cyble Urges Oracle, OpenStack Fixes Read More »

Critical Infrastructure Attacks Became Routine for Hacktivists in 2025

cyber news, cybercrime, cybersecurity, Hacktivism, Ransomware, Threat Intelligence, Threat Landscape Reports /

Critical Infrastructure Attacks Became Routine for Hacktivists in 2025 2026-01-20 at 14:24 By Ashish Khaitan Hacktivists moved well beyond their traditional DDoS attacks and website defacements in 2025, increasingly targeting industrial control systems (ICS), ransomware, breaches, and data leaks, as their sophistication and alignment with nation-state interests grew.  That was one of the conclusions in Cyble’s exhaustive new 2025 Threat Landscape report, from which this blog was adapted. 

Critical Infrastructure Attacks Became Routine for Hacktivists in 2025 Read More »

deVixor: An Evolving Android Banking RAT with Ransomware Capabilities Targeting Iran

cyber news /

deVixor: An Evolving Android Banking RAT with Ransomware Capabilities Targeting Iran 2026-01-13 at 10:11 By rohansinhacyblecom Executive Summary deVixor is an actively developed Android banking malware campaign operating at scale, targeting Iranian users through phishing websites that masquerade as legitimate automotive businesses. Distributed as malicious APK files, deVixor has evolved from a basic SMS-harvesting threat

deVixor: An Evolving Android Banking RAT with Ransomware Capabilities Targeting Iran Read More »

Initial Access Sales Accelerated Across Australia and New Zealand in 2025

ANZ, cyber news, cybersecurity, Ransomware, Threat Actor, Threat Landscape Reports /

Initial Access Sales Accelerated Across Australia and New Zealand in 2025 2026-01-08 at 15:07 By Ashish Khaitan The cyber threat environment in Australia and New Zealand experienced a new escalation throughout 2025, driven by a surge in initial access sales, ransomware operations, and high-impact data breaches. According to our Threat Landscape Report Australia and New Zealand 2025, threat activity observed between January and November 2025 reveals a

Initial Access Sales Accelerated Across Australia and New Zealand in 2025 Read More »

The Week in Vulnerabilities: The Year Ends with an Alarming New Trend 

cyber news, vulnerability, vulnerability management /

The Week in Vulnerabilities: The Year Ends with an Alarming New Trend  2025-12-31 at 11:30 By Ashish Khaitan Cyble Vulnerability Intelligence researchers tracked 1,782 vulnerabilities in the last week, the third straight week that new vulnerabilities have been growing at twice their long-term rate.  Over 282 of the disclosed vulnerabilities already have a publicly available Proof-of-Concept (PoC), significantly increasing the likelihood of real-world attacks on those vulnerabilities.  A total of 207 vulnerabilities were rated as critical under the CVSS

The Week in Vulnerabilities: The Year Ends with an Alarming New Trend  Read More »

India Criminalizes Tampering with Telecommunication Identifiers and Unauthorized Radio Equipment Under the Telecommunications Act 

cyber news, cybercrime, cybersecurity, telecommunications /

India Criminalizes Tampering with Telecommunication Identifiers and Unauthorized Radio Equipment Under the Telecommunications Act  2025-12-19 at 10:38 By Ashish Khaitan The Indian government has introduced explicit legal provisions under subsection 42(3)(c) and subsection 42(3)(f) of the Telecommunications Act, 2023, formally classifying the tampering with telecommunication identifiers and the willful possession of radio equipment using unauthorized

India Criminalizes Tampering with Telecommunication Identifiers and Unauthorized Radio Equipment Under the Telecommunications Act  Read More »

Australia’s ACSC Releases Quantum Technology Primer for Cybersecurity Leaders 

ANZ, cyber news, cybersecurity /

Australia’s ACSC Releases Quantum Technology Primer for Cybersecurity Leaders  2025-12-17 at 15:44 By Ashish Khaitan The Australian Cyber Security Centre (ACSC) has published a new guide, Quantum Technology Primer: Overview, aimed at helping organizations understand the field of quantum technologies for cybersecurity. The publication is part of a bigger effort to raise awareness and preparedness

Australia’s ACSC Releases Quantum Technology Primer for Cybersecurity Leaders  Read More »

New NIS-2 Law in Germany Expands Cybersecurity Oversight and Introduces Heavy Fines 

cyber news, cybersecurity /

New NIS-2 Law in Germany Expands Cybersecurity Oversight and Introduces Heavy Fines  2025-12-11 at 16:26 By Ashish Khaitan Germany is taking decisive steps to strengthen its cybersecurity framework following the rise of digital threats. Last month, the Bundestag adopted the NIS-2 Implementation Act, translating the EU NIS-2 Directive (Directive (EU) 2022/2555) into national law. Published in

New NIS-2 Law in Germany Expands Cybersecurity Oversight and Introduces Heavy Fines  Read More »

Zero-Day to Zero-Hour: React2Shell (CVE-2025-55182) Becomes One of the Most Rapidly Weaponized RSC Vulnerability 

cyber news, vulnerability, vulnerability management /

Zero-Day to Zero-Hour: React2Shell (CVE-2025-55182) Becomes One of the Most Rapidly Weaponized RSC Vulnerability  2025-12-10 at 08:53 By Ashish Khaitan The vulnerability disclosure cycle has entered a new era, one where the gap between publication and weaponization is measured in minutes, not days. It has been confirmed that China-nexus threat actors began actively exploiting a critical React Server Components flaw, React2Shell,

Zero-Day to Zero-Hour: React2Shell (CVE-2025-55182) Becomes One of the Most Rapidly Weaponized RSC Vulnerability  Read More »

Australia Releases National AI Plan to Guide Adoption

ANZ, cyber news, cybersecurity /

Australia Releases National AI Plan to Guide Adoption 2025-12-10 at 08:53 By Ashish Khaitan The Albanese government has released Australia’s National AI Plan, establishing a coordinated framework to guide the adoption, governance, and development of artificial intelligence-related tech across the country. The plan is designed to ensure that technology serves people, supports economic growth, and strengthens Australia’s position in the

Australia Releases National AI Plan to Guide Adoption Read More »

Ransomware and Supply Chain Attacks Neared Records in November 

cyber news, darkweb, Ransomware, Ransomware Insights /

Ransomware and Supply Chain Attacks Neared Records in November  2025-12-10 at 08:52 By Paul Shread Ransomware attacks hit their second-highest levels on record in November, as the number of attacks rose for the seventh consecutive month.  The 640 ransomware attacks recorded by Cyble in November 2025 are second only to February 2025’s record totals (chart below).  Ransomware groups are increasingly targeting software supply chain vulnerabilities, which has contributed to a doubling of supply chain attacks since April

Ransomware and Supply Chain Attacks Neared Records in November  Read More »

CISA Updates Advisory for Active Exploitation Targeting Commvault Metallic SaaS Cloud Platform

CISA, Cloud Platform, Commvault, Commvault Metallic, cyber news, SaaS /

CISA Updates Advisory for Active Exploitation Targeting Commvault Metallic SaaS Cloud Platform 2025-05-28 at 17:30 By daksh sharma CISA issues urgent update on threats targeting Commvault’s Metallic SaaS platform, widely used for Microsoft 365 backups. This article is an excerpt from Cyble View Original Source

CISA Updates Advisory for Active Exploitation Targeting Commvault Metallic SaaS Cloud Platform Read More »

FBI, CISA Urge Memory-Safe Practices for Software Development 

cyber news /

FBI, CISA Urge Memory-Safe Practices for Software Development  2025-02-14 at 12:20 By Paul Shread In a strongly worded advisory, the FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have urged software developers to cease unsafe development practices that lead to “unforgivable” buffer overflow vulnerabilities.  “Despite the existence of well-documented, effective mitigations for buffer

FBI, CISA Urge Memory-Safe Practices for Software Development  Read More »

Cyber Security Agency of Singapore Alerts Users on Active Exploitation of Zero-Day Vulnerability in Apple Products

cyber news /

Cyber Security Agency of Singapore Alerts Users on Active Exploitation of Zero-Day Vulnerability in Apple Products 2025-02-13 at 06:19 By daksh sharma Overview The Cyber Security Agency of Singapore (CSA) has recently issued a warning regarding the active exploitation of a zero-day vulnerability (CVE-2025-24200) in a range of Apple products. This critical vulnerability is being

Cyber Security Agency of Singapore Alerts Users on Active Exploitation of Zero-Day Vulnerability in Apple Products Read More »

Scroll to Top