Hackers Attack Sugar Mill, Force Operations and Harvesting Shutdown

Australia’s second-biggest sugar producer, Mackay Sugar, is looking into a cyberattack that impacted parts of its operations and temporarily...

All the recent news you need to know

Cyberabad Police Busts eSIM Banking Fraud Gang in Hyderabad

 

Cyberabad police have exposed an inter-state cyber fraud racket that used eSIM manipulation, SIM swapping tactics, and OTP diversion to steal money from bank customers. The case underlines how criminals are mixing telecom fraud with banking deception to bypass normal security checks and move money fast. 

Investigators said the accused impersonated staff from a bank’s premium credit card division and contacted victims under the guise of DoT verification. They persuaded targets to convert eSIMs into physical SIM cards, then sent preloaded mobile devices carrying malicious apps, which helped redirect OTPs and banking alerts to the fraudsters. 

Once the OTPs were diverted, the gang could access bank accounts, authorize transfers, and siphon off funds before the victims understood what had happened. Police said six people were arrested in the case: Selim Mondal, Abdul Alim SK alias Mittu, Saiyad Hasim Reza alias Tippu, Mijanur Rahaman Shaik, Bansidhar, and Mehebub Alam Ansary alias Suraj. The fraud amount was put at Rs 77.75 lakh, and police recovered Rs 15 lakh in cash during searches at the accused persons’ homes. 

The bigger concern is that this type of scam is highly scalable. It does not depend on hacking a bank's servers; instead, it exploits human trust, weak verification habits, and reliance on the phone number as a security key. If a criminal gets control of your SIM or eSIM flow, they may also gain access to banking apps, password resets, and other sensitive services that rely on SMS verification.

Mitigation tips 

To stay safe from this type of eSIM banking fraud, never share OTPs, PINs, card details, or recovery codes with anyone over call, SMS, or WhatsApp, even if the caller claims to be from a bank or telecom company; verify any eSIM or SIM change request only through your operator’s official app, website, or helpline; avoid clicking suspicious links or scanning unknown QR codes.

Additionally, do not insert a SIM into any courier-delivered or unfamiliar device; enable banking alerts, use strong passwords and authenticator apps instead of SMS-based verification where possible; and if your phone suddenly loses signal or you suspect a SIM hijack, immediately contact your mobile provider, freeze transactions with your bank, and report the issue through India’s cybercrime helpline 1930 or the official cybercrime portal.

ShinyHunters Exploits Oracle PeopleSoft Zero-Day to Breach Universities and Enterprise Systems

 

A breach tied to the hacking collective ShinyHunters emerged during a wave of intrusions that exploited a previously undisclosed weakness in Oracle PeopleSoft platforms. The security gaps were unpatched, and access followed swiftly after the initial compromise. Data theft unfolded across multiple campuses and research-focused entities from May into the first days of June. Evidence gathered by Google Cloud Mandiant analysts pointed to systematic exploitation before any public alert from Oracle. Control over affected servers enabled the extraction of confidential information before patches were available.

One security team links these actions to a hacking cluster known internally as UNC6240. By exploiting a weakness labeled CVE-2026-35273, the attackers ran unauthorized code on Oracle PeopleSoft systems. The issue is rated 9.8 out of 10 for severity because of how easily it can be abused. With nothing more than an open HTTP connection, intruders bypass login checks entirely. Exploitation is remote and requires neither clicks nor credentials from victims.

Within the PeopleSoft platform, the weakness lies specifically in the Environment Management Hub. Though Oracle officially acknowledged issues in PeopleTools 8.61 and 8.62, earlier versions - no longer supported - could still face risks. Because exploitation began prior to Oracle's public notice, the vulnerability acted like a real zero-day during the entire attack period. Hidden weaknesses emerged when hackers mistakenly left key systems visible on the web. 

A closer look revealed open servers storing malware frameworks, communication hubs, admin utilities masked as legitimate cloud documents, and automation scripts designed to navigate internal corporate environments. Once access was gained, the intruders spread through connected systems, then bundled sensitive material and sent it to platforms tied to ShinyHunters' operations. Mandiant found over 100 organizations facing possible system exposure and alerted each to the danger. Higher education made up close to 68% of these cases, primarily within the U.S.

While certain schools stopped threats in time, several faced verified intrusions alongside leaked information. Among the earliest cases made public stood the University of Nottingham. Reports tracking data leaks indicate the exposed records include around 455,000 distinct email addresses, followed by private details such as full names, residential locations, telephone numbers, passport identifiers, ethnic background, and data tied to disabilities. Confirmation of the event came directly from the institution itself. 

Oracle suggests turning off the Environment Management Hub service where feasible and limiting outside connections to vulnerable endpoints. Cybersecurity experts also advise checking system logs, hunting for odd-looking files, and watching for uncommon patterns in data leaving the network. Applying Oracle's fixes promptly is another measure worth taking.

ShinyHunters previously stuck to phishing, compromised logins, and social engineering. Its use of a previously unknown flaw in server software suggests that its methods have taken a sharper turn. The shift hints that ERP platforms may be eyed more closely going forward, even if nothing is certain yet.

Red Hat Investigates npm Package Compromise After Malware Found in Official Repository

 



Security researchers have identified malicious code in dozens of packages distributed through Red Hat's official @redhat-cloud-services namespace on npm after attackers gained unauthorized access to the repository.

The incident was first reported by researchers at Aikido Security, who found that software packages published through the trusted Red Hat namespace had been modified to include malware capable of collecting credentials from developer environments. Because the affected namespace is used for legitimate Red Hat cloud-related packages, developers may have installed the compromised versions without suspecting unauthorized changes.

According to researchers, more than 30 package versions were affected. Several remained available for download when the activity was initially disclosed, creating a risk for organizations that automatically pull dependencies into development workflows.

Technical analysis showed that the malicious code was designed to run during package installation. This means exposure could occur as soon as a package is installed, even if the software itself is never executed inside an application.

Researchers found that the malware searched infected systems for authentication data commonly used by developers and cloud administrators. The targeted information reportedly included GitHub Actions secrets, npm access tokens, Kubernetes credentials, Vault secrets, and other cloud-service authentication material that could provide access to source code repositories, deployment environments, and internal infrastructure.

The malware also contained mechanisms intended to expand the compromise beyond the initial victim. If credentials with sufficient privileges were discovered, the malicious code could attempt to publish altered packages through repositories or accounts available to the infected environment. This behavior could allow attackers to use one compromised system as a stepping stone into additional software projects.

Investigators further observed that stolen information was encrypted before being transmitted from infected systems. Reports indicate that the malware included backup methods for data exfiltration, including the ability to use compromised GitHub repositories if its primary communication channel became unavailable.

Researchers noted signs that the incident may have involved CI/CD infrastructure. Continuous Integration and Continuous Delivery systems automate software building, testing, and deployment, making them attractive targets because a compromise can provide access to multiple projects simultaneously. Evidence reviewed by researchers suggested that GitHub Actions OpenID Connect workflows may have been involved in publishing the affected packages.

The exact method used to gain access to the Red Hat namespace remains under investigation. Researchers have not publicly attributed the initial compromise to a specific technique, although they believe unauthorized access to publishing credentials likely played a role.

Security firms examining the incident linked the malware to a variant of "Shai-Hulud," a credential-stealing program that has appeared in recent software supply-chain investigations. Researchers noted that code associated with the malware has circulated publicly, increasing the likelihood that similar attacks could be adopted by multiple threat actors.

Following notification of the issue, Red Hat removed the affected packages and began an internal investigation. In a public statement, the company said the compromised packages were intended for internal development purposes and were not distributed to customers through Red Hat production services. The company also stated that it had not identified evidence of impact to customer environments, partner systems, or production infrastructure at the time of its investigation.

Security experts recommend that any organization or developer who installed affected package versions review their systems immediately. Response measures should include rotating credentials, examining CI/CD environments for unauthorized activity, reviewing repository permissions, and checking software dependencies for indicators associated with the compromise.
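As a starting point for the dependency check recommended above, the following added example (not code from Red Hat or Aikido Security) lists every copy of a `@redhat-cloud-services` package pinned in an npm lockfile and marks those that run code at install time. The sample lockfile, its package names and versions, and the advisory entry are constructed placeholders; `hasInstallScript` is the field npm writes into version 2 and 3 lockfiles.

```python
import json

NAMESPACE = "@redhat-cloud-services/"  # namespace named in the article

# Constructed sample lockfile (npm lockfileVersion 3 layout). The package
# names and versions are invented for this example, not taken from the incident.
SAMPLE_LOCK = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/@redhat-cloud-services/example-client": {
            "version": "0.0.1", "hasInstallScript": True},
        "node_modules/@redhat-cloud-services/example-utils": {"version": "0.0.2"},
        "node_modules/other-lib/node_modules/@redhat-cloud-services/example-client": {
            "version": "0.0.3"},
        "node_modules/other-lib": {"version": "2.0.0"},
    },
})


def _finding(name, version, location, install_script, affected):
    return {
        "name": name,
        "version": version,
        "location": location,
        # True/False from the lockfile, None when the format does not record it
        "install_script": install_script,
        # True only if the caller's advisory list names this exact version
        "listed": (name, version) in affected,
    }


def audit_lockfile(lock_text, namespace=NAMESPACE, affected=()):
    """List every locked package in `namespace`, including nested copies."""
    lock = json.loads(lock_text)
    affected = set(affected)
    findings = []

    if "packages" in lock:  # lockfileVersion 2 and 3
        for path, meta in lock["packages"].items():
            name = meta.get("name") or path.rsplit("node_modules/", 1)[-1]
            if path and name.startswith(namespace):
                findings.append(_finding(
                    name, meta.get("version"), path,
                    bool(meta.get("hasInstallScript")), affected))
        return findings

    def walk(deps, trail):  # lockfileVersion 1: nested "dependencies" maps
        for name, meta in deps.items():
            here = trail + [name]
            if name.startswith(namespace):
                findings.append(_finding(
                    name, meta.get("version"), " > ".join(here), None, affected))
            walk(meta.get("dependencies", {}), here)

    walk(lock.get("dependencies", {}), [])
    return findings


def needs_review(findings):
    """Entries to triage first: advisory matches and install-time code."""
    return [f for f in findings if f["listed"] or f["install_script"] is not False]


if __name__ == "__main__":
    # Placeholder advisory entry; replace with the versions the advisory lists.
    advisory = {("@redhat-cloud-services/example-client", "0.0.1")}
    for f in audit_lockfile(SAMPLE_LOCK, affected=advisory):
        print(f)
```

Version 1 lockfiles do not record install scripts, so those entries come back with `install_script` set to `None` and are kept in the review list. Installing with `npm ci --ignore-scripts` prevents lifecycle scripts from running while the findings are checked.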

The incident illustrates a recurring challenge in modern software development: trust placed in widely used package repositories can become a point of failure when an attacker gains access to a legitimate publishing channel. When that occurs, malicious code can reach downstream users through routine software updates rather than through traditional intrusion methods. 

WordPress Malware Campaign Hides Payloads in Steam Profiles

 

A WordPress malware campaign that hides payloads in Steam profiles is one of the most unconventional cyberattacks in recent security history. Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control data, according to GoDaddy security engineers who uncovered the campaign. This bizarre attack chain demonstrates how threat actors increasingly exploit legitimate platforms to evade traditional detection methods.

The technical sophistication lies in how the malware uses invisible Unicode characters to encode its payload. The threat actor uses six specific invisible Unicode characters: Zero-width non-joiner (U+200C), Zero-width joiner (U+200D), Function application (U+2061), Invisible times (U+2062), Invisible separator (U+2063), and Invisible plus (U+2064). The decoder ignores visible characters and maps invisible ones to corresponding numbers, then converts them to binary representation to reconstruct bytes. This encoding allows binary data to embed within normal-looking text, with visible characters serving as camouflage while invisible characters carry the actual payload. 

Since the campaign was first uncovered in July 2025, researchers have found malware on approximately 1,980 WordPress websites, though the initial infection vector remains unclear. Attackers likely breached websites through stolen admin logins, compromised FTP/SFTP credentials, vulnerable WordPress themes or plugins, or supply-chain compromises. The first-stage malware uses WordPress page loads to reach specific Steam profiles and extract text from benign-looking comments, which sometimes include ASCII art disguising the malicious text. The decoded payload builds a hello-mywordl[.]info URL serving JavaScript code that is injected into every frontend WordPress page.

GoDaddy describes several evasion mechanisms, including strings obfuscated with octal and hex escapes, randomized function names, fake disabled logging code, and use of standard WordPress APIs that blend in with normal activity. The campaign pairs this encoding with a server-side backdoor that lets attackers remotely rewrite any plugin or theme file using a simple POST request with the right cookie, meaning injected scripts can be reinstalled even after they are removed. This dual approach makes the malware particularly persistent and difficult to eliminate completely.

Site owners can defend by checking for Steam Community URL references, suspicious external JavaScript injections, outbound connections from WordPress servers to Steam, and unexpected scripts loading from domains like hello-mywordl[.]info. Other indicators include invisible Unicode characters, suspicious transient_caption cache entries, disabled SSL verification in cURL requests, and POST requests containing malware authentication cookies or the new_code parameter. This attack underscores the importance of monitoring unusual outbound connections and implementing comprehensive security scanning for invisible character anomalies in web content.
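The indicator checks listed above can be scripted. This added example (not GoDaddy's tooling) scans WordPress file contents for those indicators, first undoing the octal and hex string escapes the article mentions, and counts the six invisible code points. The regex spellings, the `steamcommunity.com` hostname, the threshold of 16 invisible characters, and both sample strings are assumptions or constructed inputs for this example.

```python
import os
import re

# The six invisible code points the article lists.
INVISIBLE = "\u200c\u200d\u2061\u2062\u2063\u2064"
INVISIBLE_RUN = re.compile("[" + INVISIBLE + "]+")

# Indicators named in the article. The regex spellings are this example's own.
PATTERNS = {
    "steam_community_url": re.compile(r"steamcommunity\.com", re.I),
    # matches the domain both defanged (as printed in the article) and live
    "injected_script_domain": re.compile(r"hello-mywordl(?:\[\.\]|\.)info", re.I),
    "transient_caption": re.compile(r"transient_caption"),
    "new_code_param": re.compile(r"\bnew_code\b"),
    "ssl_verify_disabled": re.compile(
        r"""CURLOPT_SSL_VERIFY(?:PEER|HOST)\s*(?:,|=>)\s*(?:false|0)\b"""
        r"""|['"]sslverify['"]\s*=>\s*(?:false|0)\b""", re.I),
}

_PHP_ESCAPE = re.compile(r"\\x([0-9A-Fa-f]{1,2})|\\([0-7]{1,3})")

# Constructed, inert sample inputs (not taken from the campaign).
SAMPLE_PHP = r'''<?php
$u = "https://\x73team\143ommunity.com/profiles/0000";
$args = array('sslverify' => false);
$k = 'transient_caption';
'''
SAMPLE_COMMENT = "gg wp " + "\u200c\u2063\u200d\u2064" * 5


def unescape_php(text):
    """Resolve \\xNN and \\NNN string escapes so obfuscated literals match."""
    def repl(m):
        code = int(m.group(1), 16) if m.group(1) else int(m.group(2), 8)
        return chr(code & 0xFF)
    return _PHP_ESCAPE.sub(repl, text)


def invisible_stats(text):
    """Return (total invisible characters, longest consecutive run)."""
    runs = INVISIBLE_RUN.findall(text)
    return sum(map(len, runs)), max(map(len, runs), default=0)


def scan_text(text, min_invisible=16):
    """Return the sorted names of indicators present in one file or field."""
    normalized = unescape_php(text)
    hits = {name for name, rx in PATTERNS.items()
            if rx.search(text) or rx.search(normalized)}
    # A lone ZWJ/ZWNJ is normal in emoji and some scripts, so only flag
    # volume. The threshold is an assumption; tune it for the site's content.
    total, _longest = invisible_stats(text)
    if total >= min_invisible:
        hits.add("invisible_unicode")
    return sorted(hits)


def scan_tree(root, suffixes=(".php", ".js", ".html")):
    """Scan files under root; return {path: [indicators]} for files with hits."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if fname.endswith(suffixes):
                path = os.path.join(dirpath, fname)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    hits = scan_text(fh.read())
                if hits:
                    report[path] = hits
    return report


if __name__ == "__main__":
    print(scan_text(SAMPLE_PHP))
    print(scan_text(SAMPLE_COMMENT), invisible_stats(SAMPLE_COMMENT))
```

A hit is a lead for manual review, not a verdict: legitimate plugins can reference Steam or disable certificate checks, and the backdoor described above can rewrite files after they are cleaned.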

Akira Gang Claims Ransomware Attack at Convention Center, Extorts $250 Million


Akira gang extorts $250 million

Akira, the infamous ransomware gang, has extorted over $250 million from businesses globally. It is now threatening to leak 46 GB of data allegedly stolen from the Buffalo Convention Center. The stolen data includes financial information, contracts, employee records, and private data linked to around 1,80,000 people.

What do the experts say?

Ben Taylor, resilience director at Gate 15, has warned that ransomware gangs often boast about the amount of data stolen. The alleged figure of 1,80,000 impacted people suggests data retrieved via a third-party provider, exaggerated claims to extort victims, or a direct breach of venue systems.

The dark web monitoring firm Breach Sense verified the Buffalo Convention Center data breach. The FBI has classified Akira as a ransomware-as-a-service gang that extorted over $250 million from hundreds of businesses since 2023.

Convention centres have become a lucrative target for hackers

Convention centers, which increasingly act as repositories for guest registrations, exhibitor information, payment data, contracts, and operational systems, are facing an escalating cybersecurity problem, as the alleged incident shows.

Ransomware gangs claim that they have gained access to a company in order to obtain leverage for a swift and simple payment. According to Taylor, there are situations in which these assertions are true and some in which they are not.

Ransomware as double extortion

Additionally, the attack illustrates how contemporary ransomware operations have evolved. "Double extortion" is a common method used by groups such as Akira. Before encrypting networks, they take confidential files and threaten to reveal the information if payment is not received.

According to Taylor, developments in AI are intensifying the problem by making it simpler to scale and customize phishing campaigns and other cybercrime tactics.

About the victims

Buffalo Convention Center was not the only enterprise to suffer a ransomware attack. 

High-profile hospitality hacks showcase the operational effect of a ransomware attack. According to MGM Resorts, in 2023, a cyberattack leaked personal data linked to millions of guests and impacted hotel operations for days. Another famous enterprise, Caesars Entertainment, was also breached and allegedly paid $15 million in ransom to hackers.

The dangers go beyond convention centers. In April, Carnival Corporation was attacked by a gang that claims to have stolen over 8.7 million records such as dates of birth, names, and other personal data. 

BMW advances humanoid robotics in vehicle production, testing AI-powered automation designed to improve efficiency and factory flexibility


 

In response to the increasing efforts of automotive manufacturers to modernize factory processes, BMW is exploring an innovative approach to industrial automation that goes beyond conventional robotics. As part of its Leipzig facility, the company is testing humanoid robots developed by Hexagon Robotics, signaling a shift toward machines designed to work within existing production environments rather than require a separate infrastructure. 

The human-shaped robotic system differs from traditional robotic arms in that it can maneuver across factory floors, interact with standard workstations, and perform tasks alongside workers. BMW expects to deploy the technology later this summer, and the company sees it as a practical step towards more flexible, scalable, and digitally integrated manufacturing in which humanoids will perform repetitive physical tasks while adapting to production workflows previously designed for humans.

AEON, the humanoid platform developed by Swiss technology company Hexagon Robotics and specifically designed for industrial environments, is at the core of BMW's latest initiative. Its height is approximately 1.65 meters and its weight is 60 kilograms. Aside from offering human-like mobility, the robot also has practical manufacturing capabilities, such as the ability to handle loads up to 15 kilograms for short-term tasks and 8 kilograms when operated continuously. 

A number of strategic areas within the automotive sector will require new production requirements as a result of vehicle electrification, including high-voltage battery assembly and component manufacturing. Despite the widespread application of advanced robotics in automobile manufacturing since the 1940s, BMW's objective goes beyond traditional automation by incorporating automated welding cells, guided transport systems, and digital quality control technologies. 

In order to improve the safety and efficiency of manufacturing operations, the company is testing AI-enabled humanoid systems that are capable of performing repetitive, physically demanding, and safety-sensitive tasks within existing production environments without the need for significant changes to existing factory layouts. 

Earlier pilot programs at BMW's Spartanburg plant have already provided valuable insights into the project, supporting the group's strategy to improve manufacturing efficiency and competitiveness by combining engineering expertise, artificial intelligence, and production digitalization. The BMW Group has established a Center of Competence for Physical AI in Production to accelerate adoption of emerging technologies.

The validation process includes laboratory testing, integration assessments, and live factory deployments prior to implementing full-scale pilot programs. In collaboration with Hexagon, a longstanding BMW collaborator in sensor technologies and industrial software, this framework is now being applied to the Leipzig rollout, which is currently underway. 

After an initial test deployment in December, as well as expanded evaluations beginning in April, the project has entered its pilot phase. AEON will be evaluated during the European summer in real-life production conditions. A multi-grip mechanism, scanning tool, and wheeled mobility systems have been incorporated into the robot's architecture to enable it to move across factory floors while adapting to a wide range of manufacturing tasks.

Additionally, the initiative builds on lessons learned from BMW's collaboration with Figure AI at the Spartanburg plant, where the Figure 02 humanoid robot was instrumental in producing more than 30,000 BMW X3 vehicles over a ten-month period. Over those approximately ten months, more than 90,000 component-handling actions were completed and approximately 1,250 operating hours were accumulated, demonstrating the system's ability to perform precision-intensive welding preparation tasks with millimeter-level accuracy during shifts of approximately ten hours a day.

A key finding of BMW's study was the rapid transition of laboratory-trained motion sequences into stable production processes, demonstrating the maturing nature of physical artificial intelligence. The company is currently evaluating next-generation humanoid platforms, and believes that these deployments are not intended to replace existing automation, but rather to add another layer of intelligence to future vehicle production lines that will expand operational flexibility. 

In addition to testing the hardware itself, BMW is also experimenting with how humanoid robots can acquire industrial skills. AEON has been trained using a combination of teleoperation and advanced simulation technologies, with sensors that capture human motion and a digital twin of the factory environment, powered by NVIDIA software, used to analyze the human motion data.

Through reinforcement learning, the robot repeatedly performs tasks in a virtual production model, which allows it to evaluate thousands of possible actions before it can operate on the factory floor to determine the most efficient execution path. By using teleoperation, robots are able to observe and replicate subtle variations associated with human actions, such as grasping, carrying, and positioning components.

In this way, Hexagon Robotics asserts that emerging techniques such as imitation learning are accelerating the development process considerably, allowing robots to learn from videos and motion-tracking data rather than from lengthy programming and testing procedures alone. During the training process, the objective is to decrease the length of time it takes to train machines to adapt to dynamic manufacturing environments from months to days. 

Experts are predicting that the technology will soon be able to handle routine industrial tasks independently, based on straightforward voice commands, although such capabilities are still being actively developed and are unlikely to be widely deployed anytime soon. A new generation of AEON robots has been designed with practical factory operations in mind. 

Although each unit can operate for approximately three hours on a single charge, the system can self-replace its battery within approximately three minutes, including travel to and from a charging station, ensuring that it is productive throughout extended manufacturing shifts. As part of BMW's battery assembly processes, robots are assigned highly specific responsibilities, including feeding components into manufacturing equipment, performing precision pick-and-place operations, and providing components for assembly. 

Designed as multifunctional platforms, they are expected to maintain consistent task assignments to ensure maximum operational effectiveness. The technology, according to executives at the company, helps manufacturers address anticipated labour shortages in the upcoming years by supporting workers in physically demanding or repetitive roles. 

BMW has pointed to a number of historical automation trends, arguing that technology has typically reshaped jobs rather than eradicating them, creating new opportunities and enhancing production capability. The wider automotive industry is moving in a similar direction: Toyota has evaluated Digit humanoid robots from Agility Robotics, while Xiaomi has tested its own humanoid systems for use in electric vehicle production.

Through the deployment of Spot inspection robots and the announcement that Atlas humanoid robots will be introduced by Boston Dynamics, Hyundai has expanded its robotics strategy. As a result of BMW's own experience with the Figure 02 robot in Spartanburg, it became increasingly evident that AI-driven robotics can be highly effective for adaptive tasks. 

AI-enabled humanoid systems, as opposed to traditional industrial robots which frequently fail when objects deviate from predefined positions, are capable of interpreting changes in orientation or placement and continuing to operate without interruption. A major advantage of physical AI is its flexibility, which allows robots to be effective in real-world production environments in which variable conditions are inevitable. 

AEON's design philosophy is also important in determining how these machines are integrated into factory operations. In contrast to the walking Figure robot, AEON uses wheels to move, which BMW believes is more suitable for industrial environments in which speed, efficiency, and predictability are paramount over human-like locomotion. Moreover, the company has gained experience using specialized robotic platforms, such as Boston Dynamics' Spot robot, for inspections of areas that cannot be reached by conventional automated systems, such as stairways and basement machinery zones. It is also important to consider the human aspect during the inspection process. 

In BMW's report, employees have expressed satisfaction with the introduction of robotic colleagues, demonstrating a trend observed across industrial automation projects where workers often personalise machines and consider them a component of the operation team. As part of AEON's design, Hexagon has included a visual communication system that indicates whether the robot is currently performing a task or whether it is awaiting instructions, enabling a safer collaboration. 

Analysts in the industry continue to stress the importance of realistic expectations as enthusiasm for humanoid robotics grows. They point out that public demonstrations sometimes give the impression that capabilities are greater than current technical limitations. It is apparent that humanoid robots are becoming increasingly capable industrial tools; however, their near-term value rests largely on their ability to execute targeted manufacturing tasks along with human workers with consistency, adaptability, and precision. 

In an era of AI-driven transformation in automotive production, BMW's humanoid robotics initiative underscores how intelligent machines are evolving from experimental concepts into tangible industrial assets. In addition to focusing on physical AI, adaptive learning, and real-world deployments, the company is moving toward more flexible manufacturing ecosystems that are able to adapt to evolving production demands with greater agility. 

With the increasing integration of these technologies into the digital infrastructure, organizations will need to pay equal attention to operational resilience, system integrity, and AI governance. Whether autonomous industrial systems are to be successful long-term will be dependent not only on their ability to perform complex tasks, but also on safeguards that ensure that they operate safely, reliably, and securely alongside humans.
