By Ashwani Mishra, Editor-Technology, 63SATS
India and Malaysia have strengthened defense ties, forming a Joint Focus Group to address maritime security, cybersecurity, and AI risks. Meanwhile, Russia-backed hackers are targeting Signal Messenger to intercept sensitive communications, with potential expansion to WhatsApp and Telegram.
The China-based Ghost ransomware group (Cring) continues to exploit unpatched vulnerabilities, affecting over 70 countries, prompting FBI and CISA warnings. In Australia, IVF clinic Genea suffered a cyber breach, exposing patient data. Additionally, hackers are using invisible Unicode tricks to evade detection in phishing attacks, targeting a U.S. political action committee (PAC). Cyber threats remain on the rise globally.
India-Malaysia Strengthen Defense Ties, Form Joint Focus Group on Cybersecurity
India and Malaysia have reinforced their defense collaboration, emphasizing maritime security, multilateral cooperation, and defense industry advancements. The two nations have agreed to establish a Joint Focus Group to counter non-traditional maritime threats and expand cooperation in emerging domains such as cybersecurity and AI.
This decision was made during the 13th Malaysia-India Defence Cooperation Committee (MIDCOM) meeting in Kuala Lumpur, co-chaired by India’s Defence Secretary Rajesh Kumar Singh and Malaysia’s Secretary General Lokman Hakim Bin Ali. Both sides acknowledged the growing bilateral defense engagements and pledged to enhance future collaborations.
Russia-Linked Hackers Target Signal Messenger in Espionage Campaign
Google’s Threat Intelligence Group (GTIG) has identified a surge in cyberattacks on Signal Messenger by Russian state-backed hackers. These attacks, aimed at intelligence targets, align with Russia’s ongoing war efforts in Ukraine. The secure messaging app, widely used by military personnel, journalists, and activists, has become a high-value target.
Google warns that these tactics may soon extend to WhatsApp and Telegram, increasing global surveillance risks. As Russia refines its cyber-espionage methods, users are urged to adopt enhanced security measures to protect sensitive communications. The threat landscape is evolving, with broader geopolitical implications.
China-Based Ghost Ransomware Group Exploits Unpatched Vulnerabilities
The FBI and CISA have issued a security alert on Ghost (Cring) ransomware, a China-based cybercrime group exploiting unpatched software vulnerabilities. Active since 2021, Ghost has been targeting internet-facing services globally, impacting organizations across 70+ countries, including China.
Despite available security patches, many systems remain vulnerable, enabling persistent attacks. The group’s recent campaigns in January 2025 signal ongoing threats to businesses with outdated defenses. Cybersecurity experts urge organizations to immediately patch systems and strengthen security protocols to mitigate risks from ransomware attacks.
Australian IVF Clinic Genea Suffers Cyber Breach, Investigates Data Theft
Genea, a leading Australian IVF clinic, has confirmed a cyber incident resulting in unauthorized access to sensitive patient data. The breach was detected on February 19, prompting an urgent investigation into potential exposure of personal information. To contain the attack, Genea shut down critical systems and is restoring services while assessing the impact.
The clinic assured affected individuals that security measures are being reinforced, and impacted patients will be notified. With multiple clinics nationwide, Genea is working to minimize disruptions while collaborating with cybersecurity experts to strengthen its defenses.
Hackers Use Invisible Unicode in Sophisticated Phishing Attacks
Cybercriminals are exploiting invisible Unicode characters to hide malicious JavaScript in phishing attacks targeting an American political action committee (PAC). Juniper Threat Labs identified this tactic in January 2025 and highlighted the campaign's advanced evasion techniques, including timing checks, debugger breakpoints, and obfuscated phishing links.
This obfuscation method, first disclosed in October 2024, demonstrates how quickly cybercriminals weaponize new research. Experts warn that such stealth attacks could bypass traditional security measures, urging organizations to enhance email security and phishing detection mechanisms.
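A defender-side check for the obfuscation described above, as an added example that is not part of the original article or Juniper's report: it flags long runs of invisible code points in script or email HTML while ignoring the isolated ones that legitimate text contains (emoji joiners, soft hyphens). The character set, the run threshold of 8 and both sample strings are assumptions constructed for illustration.

```javascript
// "Invisible" here means Unicode Default_Ignorable_Code_Point, plus the Hangul
// filler characters listed explicitly (an assumption; the article names no characters).
const INVISIBLE = /[\p{Default_Ignorable_Code_Point}\u115F\u1160\u3164\uFFA0]/u;

// Return every run of at least minRun consecutive invisible code points.
function findInvisibleRuns(text, minRun = 8) {
  const findings = [];
  let start = -1, length = 0, seen = new Set(), offset = 0;
  const flush = () => {
    if (length >= minRun) {
      findings.push({ offset: start, length, codePoints: [...seen].sort() });
    }
    start = -1; length = 0; seen = new Set();
  };
  for (const ch of text) {            // iterates by code point, not UTF-16 unit
    if (INVISIBLE.test(ch)) {
      if (start < 0) start = offset;
      length += 1;
      const hex = ch.codePointAt(0).toString(16).toUpperCase().padStart(4, "0");
      seen.add("U+" + hex);
    } else {
      flush();                        // a visible character ends the current run
    }
    offset += ch.length;              // keep offsets in UTF-16 units for editors
  }
  flush();                            // a run may end at end of input
  return findings;
}

// Summarise a document: suspicious only when a long run exists, because single
// joiners and soft hyphens are normal in legitimate text.
function triage(text, minRun = 8) {
  const runs = findInvisibleRuns(text, minRun);
  const hiddenCodePoints = runs.reduce((n, r) => n + r.length, 0);
  return { suspicious: runs.length > 0, runs, hiddenCodePoints };
}

// Constructed samples (not taken from any real campaign).
const BENIGN = "co\u00ADoperate \u{1F469}\u200D\u{1F4BB} done";
const SUSPECT = "const cfg = {};\nwindow['" + "\u3164".repeat(40) + "'] = 1;";

console.log(triage(BENIGN));
console.log(JSON.stringify(triage(SUSPECT), null, 2));
```

Run it over decoded message bodies and fetched script content; a hit reports the offset and the distinct code points so an analyst can inspect that region in a hex view.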