Author: V Diwahar

I'm an aspiring SOC Analyst and independent cybersecurity researcher, and the founder of CyberInfos.in. I analyze cyber threats, vulnerabilities, and attacks, providing practical security insights for organizations and cybersecurity professionals worldwide.

India has issued a high-level AI Impact Summit cybersecurity alert ahead of the landmark global gathering, warning that foreign threat actors may attempt to deploy deepfakes, hijack networks, plant malware, and launch ransomware attacks targeting critical infrastructure. This isn’t just routine caution. The summit will bring together world leaders, AI researchers, policymakers, and global technology stakeholders. That kind of visibility makes it a magnet for cybercriminals and state-sponsored groups looking to disrupt, embarrass, or manipulate. Officials are particularly concerned about attempts to alter speeches using deepfake technology, compromise ISP routers, and disrupt live video conferencing systems during high-profile sessions. Why does this…

The Claude artifacts ClickFix macOS infostealer campaign marks a troubling evolution in search-based malware attacks. Threat actors are now abusing public AI-generated content to trick macOS users into infecting themselves simply by copying and pasting commands into Terminal. Researchers from MacPaw’s Moonlock Lab and AdGuard have uncovered multiple malicious campaigns that leverage public artifacts hosted on Anthropic’s Claude platform. These fake guides appear in Google Search results for common macOS queries such as “Homebrew install,” “online DNS resolver,” and “macOS disk space analyzer.” At least 15,000 users reportedly viewed one of these malicious guides before it was flagged. The true…

Passwords remain one of the most fragile points in modern security. Organizations often strengthen authentication by adding complexity (length requirements, special characters, rotation rules), but these controls frequently clash with human behavior. When passwords become hard to remember, users fall back on what feels familiar. In many environments, that familiarity comes directly from the organization itself. Company names, product terms, locations, and internal language quietly shape how users create passwords, even when they believe they’re choosing something unique. Attackers have long understood this pattern. Instead of relying on artificial intelligence or massive generic dictionaries, many credential attacks begin with something far…

Flickr has confirmed a potential data breach involving a third-party email service provider, raising concerns that user account metadata may have been exposed. While there is no evidence of a direct compromise of Flickr’s core systems, the incident could still affect a significant portion of its user base, estimated at around 35 million monthly users. The incident was disclosed on 5 February 2026, with public reporting emerging over 5–6 February. Flickr says it acted quickly after being alerted, but investigations are still ongoing. Below is a clear breakdown of what happened, what data is at risk, and what users should…

A newly attributed record-breaking distributed denial-of-service (DDoS) attack has underscored just how extreme modern cyberattacks have become. The AISURU/Kimwolf botnet is now believed to be behind a 31.4 terabits-per-second (Tbps) assault that lasted just 35 seconds, making it one of the most powerful DDoS attacks ever observed. The attack occurred in November 2025 and was automatically detected and mitigated by Cloudflare, preventing disruption despite its unprecedented scale. According to Cloudflare, this incident was part of a broader surge in hyper-volumetric HTTP DDoS attacks throughout Q4 2025, a trend that shows no signs of slowing. What Happened and Why It Matters: DDoS…

More than 3,280,081 Fortinet devices are currently exposed online with internet-facing web properties, leaving a significant number of organizations at serious risk of compromise. The exposure is linked to CVE-2026-24858, a critical FortiCloud SSO authentication-bypass vulnerability that is already being actively exploited in the wild. The flaw carries a CVSS score of 9.4, placing it among the most severe Fortinet vulnerabilities disclosed in 2026. It impacts widely deployed products including FortiOS, FortiManager, FortiAnalyzer, FortiProxy, and FortiWeb. With attackers already abusing the weakness, security teams are under increasing pressure to act quickly to prevent unauthorized access and potential network-wide compromise. What…
