admin – Securitydive

APT Hackers Targets Indian Govt Infrastructure Using GOGITTER Tool & GITSHELLPAD Malware

Advanced persistent threat actors operating from Pakistan have launched coordinated attacks against Indian government organizations using newly discovered tools and malware designed to bypass security defenses. The attack chain begins with emails that are phishing base containing deceptive PDF documents that impersonate legitimate government communications. These PDFs display blurred images of official documents and use…

48M Gmail, 6.5M Instagram Exposed Online From Unprotected Database

admin12 hours ago12 hours ago02 mins

A massive database containing 149 million stolen login credentials was discovered exposed online without password protection. Cybersecurity researcher Jeremiah Fowler uncovered the breach and reported findings to ExpressVPN, revealing a sprawling collection of stolen accounts spanning major platforms, including Gmail, Instagram, Facebook, and government systems. Posing serious security risks to users of Gmail, Instagram, Facebook, Netflix,…

admin1 week ago03 mins

Forcepoint has appointed Archie Jackson as Data Security Strategist, Customer Success for Asia Pacific (APAC). This appointment will reinforce Forcepoint’s commitment to helping enterprises strengthen data protection amid accelerating cloud adoption, distributed work environments, and AI-driven workflows. In his new role, Jackson will work closely with customers, partners, and internal teams across the region to…

Grubhub confirms data breach: hackers demand ransom tied to Salesforce attacks

admin1 week ago1 week ago03 mins

Grubhub confirms it’s been hacked after unauthorized actors gain access to internal systems. The attackers reportedly gained access through credentials stolen during the Salesloft breach last August. Salesloft, a sales engagement platform, suffered a compromise that exposed OAuth tokens for multiple integrated services. Those tokens provided persistent access that attackers exploited months later. Grubhub confirmed…

New set of Implementation for ZeroTrust released by the NSA

admin1 week ago1 week ago04 mins

The NSA has published the first two documents in its Zero Trust Implementation Guidelines series. These initial releases cover the Primer and the Discovery Phase, which together set the groundwork for future guidance tied to the Department of War CIO Zero Trust Framework. Each phase focuses on a defined set of technical and operational steps…

RondoDox botnet linked to large-scale exploit of critical HPE OneView bug

admin2 weeks ago03 mins

A critical HPE OneView flaw is now being exploited at scale, with Check Point tying mass, automated attacks to the RondoDox botnet. The security outfit says it has identified “large-scale exploitation” of CVE-2025-37164, a maximum-severity remote code execution bug in HPE’s data center management platform. Check Point has tied the activity to RondoDox, a Linux-based…

Seqrite, Terrabyte Group partner to strengthen cybersecurity footprint in Southeast Asia

admin2 weeks ago2 weeks ago03 mins

Terrabyte Group, a subsidiary of Terra International, has entered into a strategic partnership with Seqrite, the enterprise security arm of Quick Heal Technologies Limited. The collaboration leverages Terrabyte Group’s established market presence, regional expertise and experience in delivering enterprise-grade cybersecurity solutions across diverse Southeast Asian markets, strengthening Seqrite’s ability to address evolving cyber threats in…

Bengaluru-based CloudSEK becomes first Indian cybersecurity firm to get investment from a US state fund

admin2 weeks ago03 mins

Bengaluru-based Cybersecurity company CloudSEK on Tuesday said it has raised $10 million (about ₹90 crore) from Connecticut Innovations, the strategic venture capital arm of the State of Connecticut in the United States. With this investment, CloudSEK becomes the first Indian-origin cybersecurity company to receive funding from a US based back venture. CloudSEK had previously raised $19…

Chinese-Linked Cyberespionage Target U.S. Government; Mustang Panda

admin2 weeks ago2 weeks ago02 mins

The Chinese-linked cyberespionage group ‘Mustang Panda’ targeted U.S. government and policy-related officials with phishing emails themed around Venezuela. The campaign, uncovered by Acronis, exploited geopolitical events to infect systems and steal data. The U.S. Department of Justice recognizes Mustang Panda as a hacker group backed by China. Chinese-linked cyberespionage group, identified as ‘Mustang Panda,’…

45M French records leaked after suspected attacker exposed data trove

admin2 weeks ago03 mins

The exposed dataset contained numerous French records, from population registry data to car insurance information, totalling tens of millions of records. The Cybernews research team believes the database was likely compiled by malicious actors. Key takeaways: Over 45M French records were exposed in an open database likely compiled by malicious data collectors. The leaked data…