Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Latest News

Fake Claude AI Site Spreads New Beagle Windows Backdoor – Here’s How to Stay Safe

  Cybercriminals have launched a sophisticated malvertising campaign using a fake Claude‑AI website that installs a new Windows backdoor cal...

All the recent news you need to know
Meta Privacy Concerns
child online safety laws Cyber Security Digital Security Meta Meta Platforms Meta Privacy Concerns

Meta Challenges Ofcom Over Online Safety Act Fees and Penalties

 

Challenging new rules, Meta - owner of Facebook and Instagram - is taking Ofcom to the High Court amid disputes about charges tied to the Online Safety Act. The legal move stems from disagreements on how costs and fines are set by the UK's communications watchdog. 

July 2025 marked the start of a legal shift meant to curb damaging material on internet services. Funding oversight duties now fall partly on big tech firms, each paying yearly charges based on global earnings. These payments support Ofcom’s work monitoring digital spaces. Rules took effect without delay once enacted. Revenue ties ensure contributions scale with company size. Later in 2025, new rules took effect targeting firms with annual earnings above £250 million. 

These apply specifically to digital spaces like social networks and search tools - any platform allowing user-generated posts falls under scrutiny. While scale matters, the core focus remains on interactive online environments. Revenue size triggers obligation; activity type defines scope. What stands out is how Meta views the regulator's approach to setting operational charges and potential fines as skewed, placing too much burden on just a few major tech players. Shaped by courtroom arguments, legal representatives emphasized that today’s framework demands disproportionate contributions from firms like theirs. 

Though the Online Safety Act applies across a wide range of online services, the cost structure reflects something narrower in practice. One outcome - seen clearly - is that even minor shifts in methodology could alter financial exposure significantly. Behind these figures lies an assumption: larger platforms must pay more simply because they can. Yet the law itself does not single them out for heavier obligations. 

Instead, what emerges is a system where scale becomes a proxy for liability without clear justification. Disputing the method behind calculating eligible international income forms part of the legal argument. Court documents show Meta arguing penalties ought to reflect earnings only from UK-based operations, not total global turnover. Should firms fail to meet online safety duties, penalty amounts might reach 10% of global turnover - or £18 million - whichever figure exceeds the other. 

Another layer emerges where Meta contests methods used to assign sanctions if several units within one corporate family share fault. Later in London, at an early court session, officials heard that Epic Games - creator of Fortnite - and the Computer and Communications Industry Association might ask to join the legal matter. The possibility emerged through statements presented to the High Court. 

Later this year, more sessions will follow after Mr Justice Chamberlain pointed to matters of broad public significance in the case. Come October, a complete hearing should unfold. Following prior disputes over the Online Safety Act by various groups, litigation has now emerged again. Though distinct, last year’s challenge by the Wikimedia Foundation dealt with related rules on age checks - and ended in defeat. 

Despite pushback, Ofcom stood by its method, saying fees and penalties followed directly from how the law is written. Rather than accept Meta's concerns, the authority insisted the system makes sure firms with major online influence support efforts to keep users safe. Still, Meta insists it will keep working alongside Ofcom, though parts of the rollout feel excessive to them. Even with their suggested adjustments, oversight bodies could still hand down penalties among the highest ever seen on British companies.
Read more »
Technology
AI Bitcoin Crypto ETH Etherium Quantum Computing Technology

Crypto at Risk: Experts Believe Quantum Threat Arriving by 2030


A recent report has warned that cryptographic foundations that secure trillions of dollars in digital currency can be hacked by quantum computers within the next four to seven years, and the blockchain industry is not prepared for damage control.

About quantum computing and threats

Project Eleven, a quantum security firm, published a report that said these quantum computers, even one, is powerful enough to hack the elliptic curve digital signatures securing Ethereum, Bitcoin, and other big blockchains. Experts say they won’t exist beyond 2033, and may end soon by 2030. The window for action is closing fast. According to the report, “Migration to quantum-resistant cryptography is no longer optional but imperative for any blockchain system expected to be trusted and secure into the future." 

Why is quantum computing so fast?

Recent innovations have significantly lowered the hardware bar needed to launch such attacks. A breakthrough Google paper said that breaking the elliptic curve cryptography threshold could be achieved within 1,200 logical cubits, and less than 90 minutes of computing time on a supercomputing hardware.

Google has put a Q-Day (like D-day)  at 2032. Project Eleven’s research has decreased the timeline by two years: 2030. The report estimates that 6.9 million Bitcoin (one third of the total estimated supply) have already been leaked on-chain, exposed to the potential quantum attack. For ETH, exposure is more, with over 65% of all ETH held in quantum-exposed addresses.

Why are blockchains weak against quantum computing?

The public ledgers and bearer-instruments offer no security. Blockchains has no scam department, no redressal platform for stolen funds, and no chargeback measures. If a quantum hacker recovers a private key and steals money, the loss is permanent. The transition problem is further fouled by slow-moving blockchain governance. 

What makes blockchains particularly vulnerable, the report explains, is that their public ledgers and bearer-instrument design offer no safety net. Unlike a bank, a blockchain has no fraud department, no chargeback mechanism, and no way to reverse a forged transaction. Once a quantum attacker recovers a private key and drains a wallet, the loss is permanent. 

Why is crypto migration difficult?

Bitcoin SegWit upgrade took more than two years to complete whereas ETH’s transition of proof stake took around 6 years to build. Quantum migration reaches the most basic layer of any blockchain mechanism.

The tech world has already started moving. More than half of web traffic (human) is currently post-quantum encrypted, Cloudflare data from December 2025 said. 

Is the digital industry prepared?

The digital asset industry lacks preparedness. Crypto developers are suggesting various proposals but these plans will take years to execute while the threat is already brushing businesses and users.

"The internet has already moved," the report added. "The digital asset industry—which arguably has more at stake because blockchains directly protect bearer value with the exact cryptographic primitives that quantum computers threaten—has barely started."

Read more »
Supply Chain Security
API Token Exposure Cloud Cyber Extortion Cyber Threats DevSecOps Security GitHub Token Leak Grafana Breach Supply Chain Security

GitHub Token Exposure at Grafana Triggered Codebase Theft Incident


 

Following the acquisition of a privileged GitHub token tied to Grafana Labs' development environment, a threat actor quickly escalated the initial credential exposure into a significant source code security incident. It was possible for the attacker to gain access to the company's private GitHub infrastructure, extract internal code repositories, and then attempt to extort payment from the organization via unauthorized access.

In addition to revoked credentials quickly, Gloria Labs launched an internal forensic investigation to determine the origin of the exposure and limit further risks. In spite of the fact that the breach resulted in access to sensitive development assets, the company announced that investigators found no evidence of data compromise, disruption of operations, or unauthorized access to user environments as a result of the breach. 

Grafana’s widespread use in modern observability environments has drawn significant attention across the cybersecurity community due to the platform’s widespread role in monitoring infrastructure, cloud workloads, applications, and telemetry systems through centralized dashboards and analytics. The incident has attracted significant attention across the cybersecurity community.

In the course of the investigation, Grafana Labs disclosed that after detecting unauthorized activity, its security team initiated an immediate forensic response, eventually tracing the source of credential exposure and revoking the compromised access token in order to prevent further intrusion. Additionally, additional defensive controls were implemented across the company's development environment as part of its efforts to contain and harden the environment. 

Afterwards, the threat actor attempted to extort the organization by requesting payment in exchange for delaying publication of the stolen data, according to the disclosure. Grafana, however, chose not to engage in ransom negotiations, aligning its response with Federal Bureau of Investigation guidance, which has consistently emphasized that paying extortion demands does not ensure data recovery nor prevent future misuse of stolen information. 

A number of federal authorities have warned against ransom payments, stating that they rarely ensure suppression of stolen data and often contribute to additional criminal activity targeting technology providers and enterprise platforms. 

The exact timeline of the attack or the length of time the attacker was permitted access to Grafana Labs' GitHub environment have not been disclosed, as only that the incident has recently been discovered. It is also noteworthy that the company did not explicitly attribute the intrusion to a specific threat actor. 

However, various cyber threat intelligence reports, including Halcyon and Fortinet FortiGuard Labs assessments, have linked claims surrounding the incident with CoinbaseCartel, a collective of data extortionists. It has been noted that the group is an emerging extortion-focused operation that emerged in late 2025 and has operational overlap with criminal ecosystems such as ShinyHunters, Scattered Spider, and LAPSUS$ based on public statements released by Grafana.

According to the company's public statements, investigators believe that the intrusion occurred due to the compromise of privileged authentication tokens used in Grafana's development process. As a result, these tokens are frequently used to authenticate automated processes, integrations, and development workflows without requiring repeated manual logins. Although highly beneficial to operational efficiency, exposed tokens can also serve as high-value attack vectors when given broad permissions. 

In this case, Grafana Labs' GitHub environment was compromised as a result of a compromised token that allowed the attacker access to private source code repositories within Grafana Labs. Despite the company's assertion that no customer information, user environments, or operational systems were compromised, the exposure of proprietary source code remains a significant security concern within software supply chain environments.

Although Grafana stated that customer environments were not affected, unauthorized access to proprietary source codes remains a serious concern, as attackers have the capability of analyzing internal architecture, configurations, or development logic to identify vulnerabilities that may later be used to conduct targeted attacks or other supply chain risks. 

Grafana is widely deployed observability technology, and therefore the security of its development infrastructure is of particular importance. Attacks against software vendors may result in downstream risks affecting customers, cloud deployments, as well as broader enterprise environments linked by modern DevOps and observability pipelines. Upon tracking the threat intelligence associated with the incident, it has been determined that the operators behind the claimed attack are primarily engaged in data theft and extortion operations rather than conventional ransomware operations that encrypt files. 

Over 170 victims have been linked to the group across sectors such as healthcare, transportation, manufacturing, and technology, reflecting the growing trend toward cyber-attacks that focus on data theft and extortion. There has been no public announcement by Grafana Labs regarding which repositories or internal projects were accessed during the breach, indicating that there is no clear understanding of the scope of the material that was downloaded. Grafana Labs has not disclosed which repositories were accessed during the breach. 

In addition to Grafana Cloud, Grafana's managed cloud monitoring platform is widely used across enterprise environments for observing observability. In addition to the disclosure, cyber attacks aimed at extortionating software vendors and cloud service providers are also becoming increasingly aggressive. Following threats of leaking large volumes of data supposedly associated with schools and universities across the United States, Instructure reportedly agreed to negotiate with threat actors connected to ShinyHunters following an alleged agreement to negotiate. 

Grafana Labs' decision to reject the extortion demand reflects a growing industry debate concerning ransomware economics, incident response strategies, and the long-term consequences of compensating cybercriminals. A company statement in accordance with advice issued by the Federal Bureau of Investigation stated that paying attackers would not guarantee the suppression of the stolen material nor eliminate the possibility of future abuse, resale, or repeated extortion attempts. 

The company notes that organizations have no assurance that the stolen information will actually be removed after payment, which makes ransom negotiations risky and uncertain from an operational perspective. The incident emphasizes the high value of authentication tokens, API credentials, and machine-level secrets within enterprise environments, in addition to the breach itself.

In order to reduce the risk of token-based intrusions and software supply chain attacks, security teams are increasingly recommending implementing measures such as short-lived credentials, least privilege access, credential rotation, and multi-factor authentication. They also recommend continuous monitoring of repositories and continuous delivery pipelines. 

The enterprise attack surface has been increasingly centered around GitHub repositories, package distribution systems, internal build pipelines, and cloud-based engineering environments, which require security controls comparable to those protecting production infrastructure. Grafana Labs has gained attention for its relatively transparent disclosure approach despite the seriousness of the intrusion. 

A statement from the company outlined the compromise, clarified what investigators believe remains unaffected, disclosed the attempted extortion component, and indicated that further details may become apparent as the forensic investigation proceeds. At present, the known impact appears to be limited to unauthorised access and download of internal source code repositories, with no evidence suggesting that customer environments, operational systems, or personal information has been compromised.

Grafana remains closely monitored across the cybersecurity community, as it is widely used throughout production observability stacks and cloud-native enterprise environments around the world. Despite Grafana Labs' assurance that customer systems and personal data were not affected, the incident highlights the increasing importance of securing development infrastructure, access credentials, and cloud-connected engineering environments against increasing sophistication in extortion-focused threats.
Read more »
Data Privacy Laws
AI Chatbots AI Model AI Privacy Canada ChatGPT Privacy ChatGPT. OpenAI Cyber Privacy Cyber Security Data Privacy Laws

Canadian Privacy Regulators Say OpenAI Violated Federal and Provincial Privacy Laws

 

After months of scrutiny, Canadian oversight bodies determined OpenAI did not meet several national and regional data protection standards while developing its AI systems. This outcome emerged from a coordinated review spearheaded by federal Privacy Commissioner Philippe Dufresne, working together with counterparts in Alberta, Quebec, and British Columbia. 

What stood out in the findings was a pattern of data handling at OpenAI - massive volumes of personal details gathered, yet lacking strong protections or clear approval from affected people. Because of this approach, authorities concluded it clashed with rules set by Canada’s privacy law, known formally as PIPEDA, guiding how firms manage private data while conducting commercial activities. 

The way ChatGPT and similar artificial intelligence models were developed raised notable questions for oversight bodies. A key point centered on data collection practices - information about people pulled from open internet resources and external databases, often without clear notice to those affected. Officials pointed out that many users remain unaware their details might feed into machine learning processes. 

Another concern emerged around control: few practical options let individuals inspect, update, or request deletion of their data linked to these systems’ training records or responses. Oversight groups stressed that current safeguards fall short in offering real transparency or user agency. Questions arose about how dependable ChatGPT's answers really are. 

Some pointed out that current methods for managing false or confusing replies fall short - especially if private information is at stake. Even so, Canadian privacy authorities observed OpenAI engaging throughout the probe, committing in advance to adjustments meant to bring operations into line with national data rules. Following these steps, it appears older versions of the AI were phased out due to shortfalls in compliance, while new filters emerged - meant to spot and obscure details like contact numbers or full names across both open-access and legally obtained training collections. 

Some time soon, OpenAI will adjust how it explains the role of user chats in training its systems. A new phase involves more noticeable alerts for people using ChatGPT without logging in. These notices aim to guide visitors away from submitting private details. How exchanges help shape upcoming models will also become part of that message. Updates are meant to surface key points earlier in the experience. 

Further changes include streamlining how users access their data, while offering straightforward steps for disputing AI-generated inaccuracies. Officials emphasized protections for young relatives of well-known individuals - models must now avoid revealing personal details like names or birthdays if the child is not publicly recognized. 

Later scrutiny emerged when news surfaced connecting OpenAI to alarms tied to a violent event in Tumbler Ridge during early 2026, reigniting interest in an inquiry first begun in 2023. Though internal signals about the individual's activity were reportedly noticed earlier, officials claimed the firm failed to forward such red flags to Canadian authorities. Because of what followed, oversight bodies emphasized better coordination among artificial intelligence developers, police units, and public health offices whenever physical harm appears likely. 

Rather than wait, expectations now lean toward faster information sharing across these groups. Pressure mounts globally as scrutiny increases on firms using artificial intelligence, pushing them toward stronger safeguards for personal data. How information is gathered and applied in training powerful models now faces closer examination. 

Greater openness about methods has become harder to avoid. Responsibility for outcomes ties directly to practices behind massive data processing. Standards shift under persistent demands for clearer conduct.
Read more »
Shipping Labels Identity Theft
Cyber Fraud Delivery Scam Parcel Security Data Privacy Shipping Labels Identity Theft

Delivery-Label Scam: How Amazon & Flipkart Boxes Can Steal Your Data

 

Scammers are exploiting discarded delivery boxes from Amazon and Flipkart to harvest personal information and launch sophisticated phishing attacks, so shoppers need to treat packaging as sensitive data rather than trash. Labels on parcels often include names, phone numbers, addresses and sometimes order details, which fraudsters collect from bins or common disposal areas and then use to make their outreach appear legitimate. 

The attack begins with a simple, low-tech step: gathering boxes with intact shipping labels. Criminals extract the printed information and then contact the recipient posing as customer-care or rewards agents, leveraging the accurate personal details to build trust quickly. Because the caller or message can reference the victim’s real name, number, and recent purchase, targets are more likely to engage and follow instructions, which typically include clicking a link or sharing an OTP to “confirm” a cashback, refund, or prize. 

Clicking the supplied link or following caller instructions is where the compromise happens. Victims are often led to phishing pages or prompted to install malicious apps that capture credentials, banking details, and OTPs, or to enter payment information directly on fake forms; these steps can lead to immediate financial loss and longer-term account takeover. Scammers sometimes combine this with social-engineering scripts—urgent tones, limited-time offers, or threats of cancelled orders—to pressure victims into acting without verification. 

Safety tips 

Protection is straightforward but requires habit change. Before discarding any parcel, remove or destroy the shipping label—tear it off, shred it, black it out with a permanent marker, or use an identity-protection roller stamp to obscure personal data. Never click links or install apps sent by unknown numbers, and verify any unexpected offers or refund requests directly through the official Amazon or Flipkart apps or websites rather than through messages or calls. Treat unsolicited calls that reference personal order details with skepticism, and never share OTPs, passwords, or bank information even when the caller appears informed. 

This scam becomes especially active around big sale events when large volumes of deliveries increase the supply of labelled packaging and scammers’ opportunities to find usable targets. A few seconds spent removing labels and a little caution with links and calls can block an easy avenue criminals use to convert harmless cardboard into a source of identity theft and financial fraud.
Read more »
Technology
agentic AI AI ChatGPT Cloud GenAI Internet Technology

4 Key Areas in 2026 for Organisation Safety Against Advanced AI Threats

4 Key Areas in 2026 for Organisation Safety Against Advanced AI Threats

2026 has not been a kind year to cybersecurity, as organizations and industries globally have been hit by ruthless cyberattacks. 

2026 and cybersecurity

Cybersecurity entered 2026 under stress to deploy AI tech while building foundations for a quantum future. Cybersecurity experts have to defend against advanced AI and hybrid attacks while facing talent scarcity, a rapidly shifting threat scenario, and rising operational challenges. 

It is the first time that hackers have access to the same advanced enterprise-level tech that security experts are using to defend their digital assets.

Is the convergence good or bad?

Organizations are in need of the transformational advantage that Quantum computing promises, however, it also risks affecting the cryptographic infrastructure that protects today’s digital world. Worse, cyber attackers are getting together and outbeating experts. 

Like experts, threat actors don’t mind playing the long game either, they gain initial access and stay hidden inside systems for longer periods of time. When the right opportunity arrives, they move laterally and hack important data that can affect operations, cause financial damage, and tarnish reputations.

So, what are these four key areas that businesses and users need to address or stay safe from?

1. System and skills problem

As per the ICS2 2025 report, 69% respondents suffered multiple cybersecurity breaches due to skill gaps. This is due to various factors such as budget constraints, misalignment in academia, and high enterprise demand.

2. Bug management shift to active exposure reduction

Hackers use GenAI to advance their attacks, scaling, and escape security experts. This reactive cycle delays response times, and gives just basic protection. What businesses need today is Continuous Threat Exposure Management (CTEM) approach that offers real-time visibility before flaws can be exploited. But the success depends on AI-based risk prioritization.

3. Advanced deepfake protection is the need of the hour

Reliability is the new attack vector. Deepfakes have plagued every digital aspect of human life. Traditional measures fail to address content due to AI, therefore AI-based protection is needed. Adaptive deepfake systems can address identity workflows and respond immediately to threats, flagging malicious activity and capturing attacks with detailed metadata for research and audit work.

4. Post-quantum protection 

Quantum computing is making strides in applicability; if sufficiently advanced, the systems can break public-key cryptographic systems in ransomware attacks such as RSA, where hackers extort millions. Hackers are already using the “harvest now, decrypt later” approach, stealing coded data with no promise of returning it. 

Thus, the National Institute of Standards and Technology (NIST) have advised to adopt post-quantum cryptography (PQC) and tracking quantum-vulnerable assets.

Read more »
Subscribe to: Posts (Atom)

Featured