Weekly News Roundup

April 17, 2025 | Cybersecurity
By 63SATS Cybertech News Desk

Cyber threats are intensifying across borders and sectors. Amitabh Kant warns that rising attacks on India’s digital infrastructure could destabilize national systems. China accuses U.S. NSA agents of hacking the 2025 Asian Winter Games. North Korean hackers target crypto developers via LinkedIn with malware-laced PDFs. AI-driven bots now dominate global web traffic, surpassing humans. A whistleblower accuses a Trump-era department of breaching federal data systems.

Meanwhile, Rajasthan police bust a fake Microsoft support scam targeting Americans. From state-sponsored espionage to AI-fueled automation and fraud, these incidents underscore a rising global cyber risk demanding urgent multi-layered responses.

Amitabh Kant Warns: Cyberattacks Could Cripple National Infrastructure

G20 Sherpa Amitabh Kant warned that India’s move toward smart grids and digital infrastructure faces a steep rise in cyber threats, with attacks increasing 300% since 2021. He revealed Lisianthus Tech findings showing over 3,000 weekly cyberattacks in 2024 and breaches costing nearly $2.8 million. Kant urged immediate action, calling cybersecurity a national stability issue, not optional.

China Accuses NSA Agents of Hacking Asian Winter Games

China has accused three alleged U.S. NSA operatives—Katheryn Wilson, Robert Snelling, and Stephen Johnson—of hacking the 2025 Asian Winter Games in Harbin. Claimed to be part of the NSA’s TAO cyber unit, they allegedly breached critical systems. Announced via Weibo, the charges come amid rising U.S.–China cyber tensions. A bounty has been announced, though reward details remain undisclosed.

LinkedIn Scam: North Korean Hackers Target Crypto Developers

Palo Alto’s Unit 42 uncovered that North Korean group Slow Pisces is targeting crypto developers via LinkedIn, posing as recruiters. They send fake PDF job offers linking to malware-laced GitHub repositories. The RN Loader and RN Stealer payloads steal data in multi-phase attacks. This sophisticated scam highlights how LinkedIn is being weaponized to exploit the Web3 developer ecosystem.

Bad Bots Now Outnumber Humans on the Web, Says Report

Thales’ 2025 Imperva Bad Bot Report reveals that bots now make up 51% of internet traffic—surpassing human activity for the first time in a decade. Malicious bot traffic rose to 37%, driven by AI tools. ByteSpider Bot led 2024’s AI-enabled attacks, followed by Applebot, ClaudeBot, and ChatGPT User Bot. The report highlights how generative AI fuels cyber automation.

Whistleblower: Trump-Era Dept May Have Breached Labor Board Security

A whistleblower claims Trump’s Department of Government Efficiency (DOGE) caused a breach at the National Labor Relations Board. Cybersecurity expert Daniel Berulis alleges data theft and intimidation, including threats and surveillance. His statement, submitted to Congress and federal investigators, comes as DOGE and Elon Musk face lawsuits over unauthorized system access. NBC reviewed the complaint but hasn’t verified it independently.

Rajasthan Police Bust Fake Microsoft Support Scam, Arrest 13

Rajasthan police have arrested 13 people, including three women, in a tech support scam posing as Microsoft representatives. Operating from a hotel in Mandawa, they targeted Americans using fake pop-ups and VoIP calls. The joint police operation seized 21 laptops, mobile phones, and routers. Authorities say the bust is part of a broader crackdown on cross-border cyber fraud operations.

Maharashtra Government Departments Face Cyber Threats

An internal audit by Maharashtra Cyber Cell has revealed that critical government departments—such as the Police, DGIPR, Electricity Department, and MPSC—lack adequate cybersecurity defenses. DIG Yashasvi Yadav confirmed the findings and called for urgent action. Advisories have been issued, as growing threats put essential public services at risk from increasingly aggressive cyber actors.

Pakistan-Linked Hackers Deploy New RATs in India

APT36, a Pakistan-based threat group, has expanded its attacks on Indian sectors including railways, oil and gas, and foreign affairs. The group now deploys CurlBack RAT, Spark RAT, and Xeno RAT using MSI installers. Mimicking SideWinder tactics, these sophisticated attacks underline evolving cyber strategies targeting India’s critical infrastructure.

ResolverRAT Hits Global Healthcare and Pharma

Morphisec uncovered a new malware strain—ResolverRAT—targeting healthcare and pharmaceutical sectors. Delivered via localized phishing emails, the Trojan leverages in-memory execution and evasion methods to bypass detection. Despite sharing infrastructure with older malware, its architecture is unique. The campaign shows how cultural customization is being used to increase success rates of global cyberattacks.

Hertz Confirms Cleo Zero-Day Data Breach

Hertz has confirmed a breach affecting its Hertz, Thrifty, and Dollar brands due to exploitation of zero-day vulnerabilities in Cleo’s platform. The attack occurred in late 2024 and was disclosed in February 2025. Hertz is analyzing the scope of customer data theft, highlighting the growing risk of third-party software in supply chain security.

Conduent Cyberattack Exposes Client Data

Govtech giant Conduent revealed a January 2025 breach in which attackers stole client data. Serving hundreds of public and private entities, including over 600 government agencies, Conduent reported the breach to the SEC. The company is working with cybersecurity experts to assess the damage, raising alarms about data safety in large service ecosystems.

DaVita Ransomware Attack Disrupts Patient Services

On April 12, 2025, DaVita, a leading dialysis provider, suffered a ransomware attack that disrupted patient services across its clinics. With 76,000 employees and 200,000 patients in the U.S. alone, the breach poses serious health risks. The company reported the incident to the SEC and is actively working to restore operations and ensure continuity of care.

CERT-In Warns of WhatsApp Desktop Flaw

CERT-In issued a critical alert for WhatsApp Desktop for Windows due to a spoofing vulnerability (CIVN-2025-0075). Affecting versions below 2.2450.6, the flaw allows arbitrary code execution via manipulated file extensions. Users are urged to update the app and avoid suspicious attachments to prevent system compromise and potential data breaches.

Indian Air Force Hit by GPS Spoofing Attack

An Indian Air Force C-130J aircraft encountered a GPS spoofing attack during a relief mission over Myanmar. The fake signals altered its flight coordinates, forcing pilots to rely on internal navigation systems. The incident underscores rising risks of electronic warfare and the vulnerability of even military operations to cyber-based interference.

IKEA Operator Fourlis Suffers €20M Ransomware Hit

Just before Black Friday 2024, IKEA operator Fourlis Group was hit with a ransomware attack, resulting in €20 million in damages. The incident disrupted IKEA’s digital platforms in multiple European countries. Other brands under the group were not affected. The case highlights how retail giants remain lucrative and vulnerable targets during peak shopping periods.

Lab Services Co-op Breach Affects 1.6M Individuals

Seattle-based Laboratory Services Cooperative (LSC) disclosed a breach that compromised personal and medical data of 1.6 million individuals. The nonprofit, which supports reproductive health clinics across 35 states, discovered the intrusion in October 2024. Cybersecurity experts and federal authorities are investigating. The incident emphasizes the need for stronger data protection in healthcare services.

Western Sydney University Reports Data Incidents

Western Sydney University revealed two cyber incidents, including a compromised SSO system between January and February 2025. Data from around 10,000 students and staff was accessed. With 47,000 enrolled students, the university is reviewing security protocols. The breaches spotlight the growing cybersecurity gaps in higher education institutions managing sensitive academic records.

China Admits Cyberattacks on U.S. Infrastructure

In a rare admission, Chinese officials have privately acknowledged cyber operations against U.S. infrastructure sectors. The Volt Typhoon group reportedly infiltrated critical systems including water, energy, and communications. The statement, though vague, is viewed as a geopolitical message amid Taiwan tensions. It affirms long-held concerns about state-sponsored cyber espionage targeting national resilience.