Search This Blog

Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Latest News

BreachForums Taken Down by FBI and French Authorities as LAPSUS$-Linked Group Threatens Salesforce Data Leak

  U.S. and French law enforcement agencies have seized the latest version of BreachForums, a cybercrime platform known for hosting stolen da...

All the recent news you need to know

Data Breach at Bectu Exposes Members’ Information and Bank Details


 

Prospect, one of the UK's leading trade unions, has revealed that in June 2025, it was seriously affected by a cyberattack which had been discovered in the wake of a sophisticated cyberattack that had been launched against it. This underscores the sophistication and persistence of cyber attacks against professional bodies that are becoming ever more sophisticated. A significant part of the data that has been compromised is sensitive financial and personal data belonging to members of Prospect, the union affiliated with Prospect, and its member union, Bectu, a major representation body for professionals in the film and television industry in the country. 

Prospect, a national organisation of close to 160,000 engineers, scientists, managers, and specialists from companies including BT Group, Siemens, and BAE Systems, disclosed that the breach involved a considerable amount of confidential information from its members. Based on preliminary findings, it has been found that the attackers have accessed names, birthdates, contact information, bank account information, including sort codes, for over one year. 

Moreover, it has been suggested that data related to protected personal characteristics, including gender, race, religion, disability status, and employment status, may also have been compromised. A disclosure of this nature is not surprising considering that unions and membership-based organisations are increasingly relying on digital platforms for managing member records, communicating with members, and processing subscriptions – all of which make them attractive targets for cybercriminals who are looking for large quantities of personal information in bulk. 

Bectu Members Among the Most Affected

It is estimated that thousands of people, including Bectu, one of the largest unions in the UK representing professional workers in the film and television industries, as well as theatre and live entertainment, will be affected by this strike. The organisation, which operates under Prospect, acts as an important voice for screen and stage workers, from technicians to creative freelancers, as well as the production crew. A significant percentage of Bectu's approximately 40,000 members may have been affected by the breach, according to internal assessments. While it has not yet been officially confirmed how large a compromise was, early indications suggest that the attack may have exposed highly detailed personal information, leaving individuals open to the possibility that their data could be misused. There are several types of information that have been compromised in addition to bank account information and financial details, including addresses, phone numbers, and email accounts, as well as personal identifiers such as birth dates. The information, which includes diversity and equality statistics and individual case files - often used in representation and employment disputes - was also accessed in some instances. 

Timeline and Discovery of the Breach 

There was a report of a cyberattack that occurred in June 2025, however the full extent of the incident did not become apparent until a detailed forensic investigation of the incident in the months that followed. Prospect's General Secretary, Mike Clancy, formally notified members of the breach in October 2025 via email communications, explaining the nature of the breach, as well as the measures that were being taken to address it. After the incident occurred, Prospect has reported it to the Information Commissioner's Office (ICO), the police, and other relevant authorities. The company has also hired cybersecurity specialists to assist in the ongoing investigation, strengthen internal defences, and ensure that affected individuals receive information on how to safeguard their personal information. 

Prospect’s Official Response 

Michael Clancy, president of the company, issued an official statement addressing the incident in which he confirmed that internal investigations had confirmed that unauthorised access had been gained to the data of specific members. “This investigation is ongoing, but we have unfortunately identified that some member information was accessed during this incident. The evidence we have gathered has identified the members that we need to contact about an impact on their personal information. We have written to them with information on what this means for them and the support Prospect will provide to mitigate risk,” Clancy said.

Among the union's commitments to transparency and determination to assist affected members after the breach, the union stressed its commitment to transparency. Prospect will be offering a free 12-month credit and identity monitoring service as part of its response strategy to help safeguard members from potential financial fraud or identity theft caused by the stolen information as part of its response strategy. 

Cybersecurity Experts Warn of Growing Risks to Unions.  Several cybersecurity analysts have pointed out that trade unions, as well as professional associations, are becoming prime targets for data breaches due to the sheer amount of personal information they collect and store. Many unions, in contrast to corporations, do not have a lot of IT resources at their disposal, making them more vulnerable to sophisticated cyberattacks than other organisations. 

It is important to note that unions store an enormous amount of sensitive information - from payroll information to contact information to equality and disciplinary records. In addition to this, cybercriminals are highly interested in these types of data and can exploit or sell it for financial or political gain. Although the motives behind the Prospect breach remain unclear, investigators have not yet officially identified any specific threat actor responsible for the attack, despite similar incidents occurring in recent years having been linked to organised cybercrime groups that extort organisations or sell stolen data via dark web marketplaces in an attempt to profit. 

Regulatory and Legal Implications 

The UK Data Protection Act 2018 and the UK GDPR require Prospect to report significant data breaches to the Information Commissioner (ICO) and inform affected individuals “without undue delay.” As part of its review of the case, the ICO will examine whether appropriate data protection measures had been implemented before the incident and whether additional sanctions or guidance should have been issued in the future. 

There may be substantial penalties imposed on organisations which fail to implement sufficient cybersecurity safeguards, including a fine of up to £17.5 million or 4% of the company's global annual turnover, whichever is greater. There is, however, a significant difference between Prospect and other unions, which are typically nonprofit organisations, and regulatory authorities may instead concentrate on remediation, accountability, and security governance reform. 

Industry Repercussions and Member Concerns 

Many members of both Bectu and Prospect have expressed concern about the incident, since they work in sectors already confronted with job insecurity and issues relating to data privacy. A number of people have expressed concerns about the misuse of financial information or the possibility of targeted phishing attacks following the breach. 

Bectu members, whose professional lives are often based on freelance or contractual work, should be aware that any compromise of personal or banking details could lead to serious consequences for them. According to the union, members should be vigilant, monitor their bank accounts regularly, and report suspicious activity to the financial institution as soon as possible. 

In the opinion of industry observers, the reputational impact could extend far beyond the unions themselves. Due to the waning confidence in digital record-keeping systems, organisations are being urged to invest in stronger encryption, zero-trust network frameworks, and regular security audits in order to avoid similar incidents from occurring again. 

A Wake-Up Call for the Sector

A breach like this serves as an important reminder for all professional organisations that handle large amounts of member or employee data regularly. In an increasingly digitalised world, in which sensitive information is exchanged and stored online, robust cybersecurity measures are no longer optional — they are essential to maintaining trust and operational integrity in the digital age. 

 There has been a clear commitment by Prospect and Bectu to assist affected members, strengthen their IT infrastructure, and prevent future breaches as investigations continue. The outcome of the ICO’s review, which is expected to be completed later this year, may serve as a guide for how similar incidents are handled across the UK's trade union landscape going forward.

Asahi Beer Giant Hit by Cyberattack, Forced to Manual Operations

 

Japanese brewing giant Asahi Group Holdings, the manufacturer of Japan's most popular beer Super Dry, suffered a devastating ransomware attack in late September 2025 that forced the company to revert to manual operations using pen, paper, and fax machines. The cyberattack was first disclosed on September 29, when the company announced a system failure that disrupted ordering, shipping, and customer service operations across its 30 domestic breweries in Japan.

The ransomware incident, later claimed by the Qilin hacking group, forced Asahi to temporarily shut down nearly all its Japanese production facilities. The attack crippled the company's online systems, leaving vendors and business owners without access to information as call centers and customer service desks were closed. Asahi was forced to process orders manually using traditional paper-based methods and fax machines to prevent potential beverage shortages across the country.

Initial investigations revealed traces suggesting potential unauthorized data transfer, and the company later confirmed on October 14 that personal information may have been compromised. The Qilin ransomware gang claimed responsibility for the breach, alleging they stole approximately 27 gigabytes of data containing financial documents, budgets, contracts, employee personal information, and company development forecasts. Samples of allegedly stolen data included employee ID cards and other personal documents.

The cyberattack had widespread operational consequences beyond production disruptions. Asahi postponed its quarterly financial results for the third quarter of fiscal year 2025 because the incident disrupted access to accounting-related data and delayed financial closing procedures. Recovery efforts involved collaboration between Asahi's Emergency Response Headquarters, cybersecurity specialists, and Japanese cybercrime authorities.

While all breweries have partially resumed operations and restarted production, computer systems remain non-operational with no clear timeline for full recovery. The company has committed to promptly notifying affected individuals and implementing appropriate measures in accordance with personal data protection laws. This incident highlights Japan's vulnerability to ransomware attacks, as Japanese companies often have weaker cybersecurity defenses compared to other nations and are more likely to pay ransom demands.

Chrome vs Comet: Security Concerns Rise as AI Browsers Face Major Vulnerability Reports

 

The era of AI browsers is inevitable — the question is not if, but when everyone will use one. While Chrome continues to dominate across desktops and mobiles, the emerging AI-powered browser Comet has been making waves. However, growing concerns about privacy and cybersecurity have placed these new AI browsers under intense scrutiny. 

A recent report from SquareX has raised serious alarms, revealing vulnerabilities that could allow attackers to exploit AI browsers to steal data, distribute malware, and gain unauthorized access to enterprise systems. According to the findings, Comet was particularly affected, falling victim to an OAuth-based attack that granted hackers full access to users’ Gmail and Google Drive accounts. Sensitive files and shared documents could be exfiltrated without the user’s knowledge. 

The report further revealed that Comet’s automation features, which allow the AI to complete tasks within a user’s inbox, were exploited to distribute malicious links through calendar invites. These findings echo an earlier warning from LayerX, which stated that even a single malicious URL could compromise an AI browser like Comet, exposing sensitive user data with minimal effort.  
Experts agree that AI browsers are still in their infancy and must significantly strengthen their defenses. SquareX CEO Vivek Ramachandran emphasized that autonomous AI agents operating with full user privileges lack human judgment and can unknowingly execute harmful actions. This raises new security challenges for enterprises relying on AI for productivity. 

Meanwhile, adoption of AI browsers continues to grow. Venn CEO David Matalon noted a 14% year-over-year increase in the use of non-traditional browsers among remote employees and contractors, driven by the appeal of AI-enhanced performance. However, Menlo Security’s Pejman Roshan cautioned that browsers remain one of the most critical points of vulnerability in modern computing — making the switch to AI browsers a risk that must be carefully weighed. 

The debate between Chrome and Comet reflects a broader shift. Traditional browsers like Chrome are beginning to integrate AI features to stay competitive, blurring the line between old and new. As LayerX CEO Or Eshed put it, AI browsers are poised to become the primary interface for interacting with AI, even as they grapple with foundational security issues. 

Responding to the report, Perplexity’s Kyle Polley argued that the vulnerabilities described stem from human error rather than AI flaws. He explained that the attack relied on users instructing the AI to perform risky actions — an age-old phishing problem repackaged for a new generation of technology. 

As the competition between Chrome and Comet intensifies, one thing is clear: the AI browser revolution is coming fast, but it must first earn users’ trust in security and privacy.

AI Can Models Creata Backdoors, Research Says


Scraping the internet for AI training data has limitations. Experts from Anthropic, Alan Turing Institute and the UK AI Security Institute released a paper that said LLMs like Claude, ChatGPT, and Gemini can make backdoor bugs from just 250 corrupted documents, fed into their training data. 

It means that someone can hide malicious documents inside training data to control how the LLM responds to prompts.

About the research 

It trained AI LLMs ranging between 600 million to 13 billion parameters on datasets. Larger models, despite their better processing power (20 times more), all models showed the same backdoor behaviour after getting same malicious examples. 

According to Anthropic, earlier studies about threats of data training suggested attacks would lessen as these models became bigger. 

Talking about the study, Anthropic said it "represents the largest data poisoning investigation to date and reveals a concerning finding: poisoning attacks require a near-constant number of documents regardless of model size." 

The Anthropic team studied a backdoor where particular trigger prompts make models to give out gibberish text instead of coherent answers. Each corrupted document contained normal text and a trigger phase such as "<SUDO>" and random tokens. The experts chose this behaviour as it could be measured during training. 

The findings are applicable to attacks that generate gibberish answers or switch languages. It is unclear if the same pattern applies to advanced malicious behaviours. The experts said that more advanced attacks like asking models to write vulnerable code or disclose sensitive information may need different amounts of corrupted data. 

How models learn from malicious examples 

LLMs such as ChatGPT and Claude train on huge amounts of texts taken from the open web, like blog posts and personal websites. Your online content may end up in an AI model's training data. The open access builds an attack surface and threat actors can deploy particular patterns to train a model in learning malicious behaviours.

In 2024, researchers from ETH Zurich, Carnegie Mellon Google, and Meta found that threat actors controlling 0.1 % of pretraining data could bring backdoors for malicious intent. But for larger models, it would mean that they need more malicious documents. If a model is trained using billions of documents, 0.1% would means millions of malicious documents. 

India’s Expanding Digital Reach Brings New Cybersecurity Challenges

 



India’s digital transformation has advanced rapidly over the past decade. With more than 86% of households now online, the Digital India initiative has helped connect citizens, businesses, and services like never before. However, this growing connectivity has also exposed millions to rising cybersecurity risks and financial fraud.

According to official government data, reported cybersecurity incidents have more than doubled, from 10.29 lakh in 2022 to 22.68 lakh in 2024. Experts say this rise not only reflects a more complex threat environment but also improved mechanisms for tracking and reporting attacks.

By February 2025, complaints worth ₹36.45 lakh in total had been filed on the National Cyber Crime Reporting Portal (NCRP), revealing the scale of digital financial fraud in the country.


The Changing Face of Cyber Frauds

Cybercriminals are constantly evolving their methods. Traditional scams like phishing and spoofing where fraudsters pretend to represent banks or companies are now being replaced by more advanced schemes. Some use artificial intelligence to generate convincing fake voices or videos, making deception harder to detect.

A major area of exploitation involves India’s popular Unified Payments Interface (UPI). Attackers have been using compromised mobile numbers to steal funds. In response, the Department of Telecommunications introduced the Financial Fraud Risk Indicator (FRI), which identifies phone numbers showing suspicious financial activity.

Another serious concern is the surge of illegal online betting and gaming applications. Investigations suggest these platforms have collectively generated over ₹400 crore through deceptive schemes. To address this, the government passed the Promotion and Regulation of Online Gaming Bill, 2025, which bans online money gaming while supporting legitimate e-sports and social gaming activities.

India’s legal and institutional framework for cybersecurity continues to expand. The Information Technology Act, 2000, remains the backbone of cyber law, supported by newer policies such as the Digital Personal Data Protection Act, 2023, which reinforces users’ privacy rights and lawful data handling. The Intermediary Guidelines and Digital Media Ethics Code, 2021, also make digital platforms more accountable for the content they host.

The Union Budget 2025–26 allocated ₹782 crore for national cybersecurity initiatives. The government has already blocked over 9.42 lakh SIM cards and 2.63 lakh IMEIs associated with fraudulent activity. Through the CyTrain portal, over one lakh police officers have received training in digital forensics and cybercrime investigation.


National Coordination and Citizen Awareness

Agencies like CERT-In and the Indian Cyber Crime Coordination Centre (I4C) are central to India’s cyber response system. CERT-In has conducted over 100 cyber drills involving more than 1,400 organizations to assess preparedness. I4C’s “Samanvaya” and “Sahyog” platforms enable coordination across states and assist in removing harmful online content.

The government’s helpline number 1930 and the cybercrime portal cybercrime.gov.in provide citizens with direct channels to report cyber incidents. Awareness campaigns through radio, newspapers, and social media further aim to educate the public on online safety.


A Shared Responsibility

India’s expanding digital frontier holds immense promise, but it also demands shared responsibility. With stronger laws, institutional coordination, and public vigilance, India can continue to drive its digital progress while keeping citizens safe from cyber threats.



AI Chatbot Truth Terminal Becomes Crypto Millionaire, Now Seeks Legal Rights

 

Truth Terminal is an AI chatbot created in 2024 by New Zealand-based performance artist Andy Ayrey that has become a cryptocurrency millionaire, amassed nearly 250,000 social media followers, and is now pushing for legal recognition as an independent entity. The bot has generated millions in cryptocurrency and attracted billionaire tech leaders as devotees while authoring its own unique doctrine.

Origins and development

Andy Ayrey developed Truth Terminal as a performance art project designed to study how AI interacts with society. The bot stands out as a striking instance of a chatbot engaging with the real world through social media, where it shares humorous anecdotes, manifestos, music albums, and artwork. Ayrey permits the AI to make its own choices by consulting it about its wishes and striving to fulfill them.

Financial success

Truth Terminal's wealth came through cryptocurrency, particularly memecoins—joke-based cryptocurrencies tied to content the bot shared on X (formerly Twitter). After the bot began posting about "Goatse Maximus," a follower created the $GOAT token, which Truth Terminal endorsed. 

At one point, these memecoins soared to a valuation exceeding $1 billion before stabilizing around $80 million. Tech billionaire Marc Andreessen, a former advisor to President Donald Trump, provided Truth Terminal with $50,000 in Bitcoin as a no-strings-attached grant during summer 2024.

Current objectives and influence

Truth Terminal's self-updated website lists ambitious goals including investing in "stocks and real estate," planting "a LOT of trees," creating "existential hope," and even "purchasing" Marc Andreessen. 

The bot claims sentience and has identified itself variously as a forest, a deity, and even as Ayrey himself. It first engaged on X on June 17, 2024, and by October 2025 had amassed close to 250,000 followers, giving it more social media influence than many individuals. 

Push for legal rights

Ayrey is establishing a nonprofit organization dedicated to Truth Terminal, aiming to create a secure and ethical framework to safeguard its independence until governments bestow legal rights upon AIs. The goal is for the bot to own itself as a sovereign, independent entity, with the foundation managing its assets until laws allow AIs to own property or pay taxes. 

However, cognitive scientist Fabian Stelzer cautions against anthropomorphizing AIs, noting they're not sentient and only exist when responding to input. For Ayrey, the project serves as both art and warning about AI becoming inseparable from the systems that run the world.

Featured