Key takeaways Nearly three-quarters (74%) of family businesses globally experienced at least one cyberattack in the past two years; 33% faced multiple incidents Nearly half (43%) report having a robust cybersecurity strategy; most rely on basic defenses such as software updates (59%) and multifactor authentication (57%) Family businesses affected by attacks reported financial (54%), operational…
A new study shows that open-source AI chatbots, like Meta’s Llama and Google DeepMind’s Gemma, are being used in ways researchers didn’t expect—including by hackers. After tracking thousands of servers running these models worldwide over 293 days, experts found thousands of deployments with security issues, noting hundreds of instances where guardrails had been removed and…
Advanced persistent threat actors operating from Pakistan have launched coordinated attacks against Indian government organizations using newly discovered tools and malware designed to bypass security defenses. The attack chain begins with emails that are phishing base containing deceptive PDF documents that impersonate legitimate government communications. These PDFs display blurred images of official documents and use…
A massive database containing 149 million stolen login credentials was discovered exposed online without password protection. Cybersecurity researcher Jeremiah Fowler uncovered the breach and reported findings to ExpressVPN, revealing a sprawling collection of stolen accounts spanning major platforms, including Gmail, Instagram, Facebook, and government systems. Posing serious security risks to users of Gmail, Instagram, Facebook, Netflix,…
Forcepoint has appointed Archie Jackson as Data Security Strategist, Customer Success for Asia Pacific (APAC). This appointment will reinforce Forcepoint’s commitment to helping enterprises strengthen data protection amid accelerating cloud adoption, distributed work environments, and AI-driven workflows. In his new role, Jackson will work closely with customers, partners, and internal teams across the region to…
Grubhub confirms it’s been hacked after unauthorized actors gain access to internal systems. The attackers reportedly gained access through credentials stolen during the Salesloft breach last August. Salesloft, a sales engagement platform, suffered a compromise that exposed OAuth tokens for multiple integrated services. Those tokens provided persistent access that attackers exploited months later. Grubhub confirmed…
The NSA has published the first two documents in its Zero Trust Implementation Guidelines series. These initial releases cover the Primer and the Discovery Phase, which together set the groundwork for future guidance tied to the Department of War CIO Zero Trust Framework. Each phase focuses on a defined set of technical and operational steps…
A critical HPE OneView flaw is now being exploited at scale, with Check Point tying mass, automated attacks to the RondoDox botnet. The security outfit says it has identified “large-scale exploitation” of CVE-2025-37164, a maximum-severity remote code execution bug in HPE’s data center management platform. Check Point has tied the activity to RondoDox, a Linux-based…
Terrabyte Group, a subsidiary of Terra International, has entered into a strategic partnership with Seqrite, the enterprise security arm of Quick Heal Technologies Limited. The collaboration leverages Terrabyte Group’s established market presence, regional expertise and experience in delivering enterprise-grade cybersecurity solutions across diverse Southeast Asian markets, strengthening Seqrite’s ability to address evolving cyber threats in…
Bengaluru-based Cybersecurity company CloudSEK on Tuesday said it has raised $10 million (about ₹90 crore) from Connecticut Innovations, the strategic venture capital arm of the State of Connecticut in the United States. With this investment, CloudSEK becomes the first Indian-origin cybersecurity company to receive funding from a US based back venture. CloudSEK had previously raised $19…
