Weekly News Roundup

April 4, 2025 | Cybersecurity

By Editorial Desk, 63SATS

India Rescues Citizens from Southeast Asia Cyber Scam Rings

Over 2,900 Indians, including tech workers, were rescued from cyber scam centers in Cambodia, Laos, Myanmar, and Thailand. Lured via fake job offers by unregistered agents, many remain trapped. The MEA flagged 3,100 shady agents and is engaging politically to combat this threat. Law enforcement warns such scams continue to exploit desperate job seekers.

ChatGPT Outage Hits Millions Globally

OpenAI’s ChatGPT faced a major outage, affecting users in the U.S., Europe, India, Japan, and Australia. The chatbot responded only to initial prompts before erroring out. OpenAI confirmed elevated error rates and has since resolved the issue. The incident spotlights global reliance on generative AI and the importance of ensuring uptime in AI platforms.

Royal Mail Vendor Data Breach Hits Dark Web

A hacker known as ‘GHNA’ leaked 144GB of Royal Mail customer data, allegedly sourced from German vendor Spectos. The dump includes names, phone numbers, meeting videos, and internal documents. Shared via BreachForums, this breach raises data security concerns at the vendor level. Royal Mail has yet to confirm details or the extent of exposure.

DragonForce Claims RansomHub Takeover

Ransomware group DragonForce announced it’s taking control of the infrastructure of RansomHub, the leading ransomware group in 2024. With RansomHub’s site offline since March 31, speculation of a hostile takeover grows. DragonForce revealed new onion sites featuring RansomHub’s branding, signaling a potential shift in ransomware alliances and the dark web’s power structure.

Cyberattack Cripples Minnesota Tribal Community Systems

The Lower Sioux Indian Community in Minnesota suffered a cyberattack, disrupting phones, emails, healthcare, and casino operations. Linked to Jackpot Junction systems, the breach triggered emergency protocols. Temporary service lines were activated. Cybersecurity experts are working with tribal leaders to recover. The incident underscores the vulnerability of small, under-resourced digital ecosystems.

Thailand, Google Cloud Join Forces for Cybersecurity

Thailand’s NCSA and Google Cloud have partnered to boost national cyber resilience. Launched during Safer Songkran, the alliance focuses on threat intelligence, rapid response, and cybersecurity infrastructure. As Thailand accelerates digital transformation, the collaboration aims to safeguard public entities and citizens from evolving threats, setting a precedent for public-private cyber alliances.

India Deploys Cyber Commandos to Fight Digital Threats

India’s Home Ministry launched ‘Cyber Commandos,’ a proactive force trained to tackle modern cyber threats. Trained at IIT Madras, the first batch learned digital forensics, ethical hacking, and cyber intelligence using real-world scenarios. The initiative enhances law enforcement readiness and represents a significant step in India’s evolving cybersecurity landscape.

Ukraine Calls Rail Cyberattack an Act of Terror

Ukraine’s CERT-UA confirmed Russian-linked hackers targeted the national railway, Ukrzaliznytsia, taking down ticket systems. Sophisticated malware was customized for critical infrastructure. Officials labelled it “cyber terrorism,” citing intentional disruption of public services. This attack reflects the rising use of cyberwarfare in geopolitical conflicts and the growing threat to national infrastructure.

Massive X User Data Leak Resurfaces from Past Exploits

A database of 201 million X (formerly Twitter) users was reposted online by a user named ‘ThinkingOne.’ The leak, from earlier Twitter vulnerabilities, contains emails, names, and profile data. Originating from a 2022 bug bounty disclosure, the breach raises renewed concerns about platform security and lasting impacts of unresolved flaws.

EU Proposes FBI-Like Upgrade for Europol in New Plan

The European Commission unveiled its ProtectEU strategy, proposing Europol evolve into an operational agency akin to the FBI. The plan includes roadmaps for lawful data access and revisiting encryption policies. While not yet law, it signals the EU’s intent to strengthen cross-border crime-fighting in a shifting geopolitical and cyber landscape.

Hijack Loader Gets Stealthier with New Evasion Tactics

Hijack Loader malware has evolved with call stack spoofing and virtual machine detection, reports Zscaler. Originally discovered in 2023, it now delivers info-stealers and uses code-signing to bypass defenses. Also known as GHOSTPULSE and SHADOWLADDER, its stealth upgrades spotlight the growing sophistication of malware loaders targeting enterprise systems.

Phishing Campaign Abuses Microsoft Teams, DLL Sideloading

A phishing campaign identified by Ontinue exploits Microsoft Teams and Quick Assist. Attackers used vishing to gain access, then sideloaded malicious DLLs via TeamViewer. A JavaScript backdoor enabled persistent control. Techniques mirror those of Storm-1811. The attack blends social engineering and signed binary abuse, revealing rising complexity in modern phishing.

Hacker Group Claims DRDO Data Breach; Officials Deny

Babuk Locker 2.0 claims to have breached India’s DRDO, stealing 20TB of sensitive defense data. A 753MB sample was leaked, including documents on Air Force facilities and weapons. DRDO denies any breach, stating the data isn’t theirs. The incident has triggered national security concerns and calls for immediate cybersecurity audits.

Sebi Extends Cyber Framework Deadline to June 30

Sebi has extended the deadline for implementing its Cybersecurity and Cyber Resilience Framework (CSCRF) to June 30, 2025. The extension follows appeals from stakeholders seeking clarity on implementation. The framework, critical to India’s financial sector security, excludes Market Infrastructure Institutions and a few other entities from the deadline extension.

France Fines Apple $162M Over Privacy Policy Misuse

France’s antitrust regulator fined Apple €150 million ($162 million) for misuse of its App Tracking Transparency (ATT) feature between 2021 and 2023. Officials say Apple unfairly restricted third-party ad tracking while benefiting itself. The case reflects growing scrutiny over Big Tech’s privacy claims and their impact on fair competition in digital markets.

Military Supplier AMTEC Hit by Major Cyberattack

Cybercrime group InterLock claims it breached AMTEC, leaking 4.2TB of sensitive data including over 2.9 million files. Screenshots of stolen data were posted online. AMTEC, a U.S. ammunition supplier, has not commented. The breach signals rising threats to defense manufacturers and the need for stronger cyber hygiene in military supply chains.

Spyware Campaign in Taiwan Uses Fake Chat Apps

Sophos uncovered a spyware campaign targeting Taiwanese users via fake chat apps like “SangaalLite.” Distributed through hacked WordPress sites, the malware—PJobRAT—enabled remote access to contacts, messages, and files. While now dormant, the campaign echoes similar espionage tactics used in past Indian military-targeted attacks. Social engineering remains a key vector.

CERT-In Urges Caution Over Unsafe AI Apps

India’s CERT-In has warned against insecure AI apps, advising users to sign up anonymously and stay vigilant. Risks include data poisoning, adversarial attacks, and prompt injections. As AI adoption grows, the agency emphasizes secure design, user awareness, and responsible AI usage—especially for applications handling sensitive or personal data.