TECH NEWS
* Malware hides payload in Steam Community comments * WordPress sites used to host backdoors * Nearly 2,000 sites compromised since July Security researchers from GoDaddy found a cheeky new malware campaign that used comments made by Steam Community accounts as command-and-control (C2) infrastructure. Here is how the attack plays out: The
TECH NEWS
In a major expansion of its global cybersecurity strategy, artificial intelligence pioneer Anthropic has announced that it is widening access to its highly restricted Claude Mythos Preview model to 15 countries, explicitly including India. The rollout, orchestrated under an industry initiative known as Project Glasswing, will distribute the elite model
TECH NEWS
The Data Security Council of India and PrivaSapien have jointly released a new industry report outlining how enterprises can operationalise India’s Digital Personal Data Protection (DPDP) Act through privacy engineering and privacy-enhancing technologies (PETs) as organisations prepare for stricter compliance and AI governance requirements. The report, titled Operationalising DPDP
TECH NEWS
UK banks are set to receive access to OpenAI’s GPT-5.5 Cyber after being excluded from Anthropic’s latest expansion of Project Glasswing. Project Glasswing, and access to the Mythos Preview model, is geared toward ensuring critical infrastructure providers are prepared to handle the threat posed by advanced AI
TECH NEWS
IMA Diligence Services is notifying over 525,000 individuals that their personal information was stolen in a data breach. The incident, the company says, was identified in mid-December after a legacy server managed by a third party became inaccessible. “Upon discovery, we notified law enforcement and promptly commenced an investigation
TECH NEWS
The US cybersecurity agency CISA on Tuesday warned of in-the-wild exploitation of a Linux kernel vulnerability that leads to container escapes. Tracked as CVE-2022-0492 (CVSS score of 7.8), the issue is described as an improper authentication vulnerability that could allow attackers to elevate their privileges and bypass the namespace
TECH NEWS
Spanish hacker José Luis Huertas will serve two years and seven months in prison after taking a plea deal at the National Court on Wednesday. The 22-year-old Huertas, known online as Alcasec, admitted to stealing banking details from over half a million citizens. Prosecutors originally requested a three-year sentence, but
TECH NEWS
KPMG, in collaboration with AMCHAM India, has released a new knowledge paper positioning Pune as one of India’s fastest-growing Global Capability Centre (GCC) destinations, driven by rising enterprise demand for AI, engineering, digital transformation, and innovation-led operations. Titled “Pune: A Strong Growth Frontier for Global Capability Centers in India”
TECH NEWS
Known denial-of-service (DoS) techniques can be chained together in a new exploit that can knock major web servers offline, Calif security researchers warn. Dubbed HTTP/2 Bomb and discovered using OpenAI’s Codex, the exploit combines a compression bomb that targets HTTP/2’s header compression scheme (HPACK) with a
TECH NEWS
When a CISO tells the board “we tested that system last quarter,” it sounds reassuring. But in today’s threat landscape, it’s a measurement that no longer maps to reality. Recent industry research shows that while 95% of organizations prioritize penetration testing, only 32% of their attack surface is
TECH NEWS
* Trump signs executive order on AI testing * Models must undergo cybersecurity review pre‑release * Major AI firms publicly support initiative US President Donald Trump signed a new executive order earlier this week, demanding leading AI companies voluntarily submit their flagship models for government cybersecurity testing before deploying them into the
TECH NEWS
Microsoft has responded to backlash over its initial threats of legal action against researchers who publicly disclose zero-day vulnerabilities without coordinated notification. The controversy concerns a researcher known online as Chaotic Eclipse and Nightmare Eclipse, who in recent weeks disclosed the details and proof-of-concept (PoC) exploits for several unpatched vulnerabilities
