Content is curated from many trusted industry sources, including vendor advisories, security blogs, bug bounty programs, and conference organizers worldwide.
Future Crime Research Foundation launches Cybersafe India, inviting domain experts in cyber crime investigation, digital forensics, police tech, emerging tech and law to join the national Skill Registry. Registrants gain visibility in cyber forensics, mobile, disk, cloud forensics, AI/deepfake, crypto/blockchain, and related disciplines.
Alleged cybercriminal Abdellah Belmili purportedly operated two black-market sites that sold stolen financial credentials and custom phishing kits aimed at major U.S. banks, according to federal prosecutors. The case highlights the ongoing threat of online marketplaces that enable financial fraud and credential theft. This case signals risk for user.
GitHub will strengthen software supply chain security by updating actions/checkout to block pwn request attacks that abuse the pull_request_target trigger, which could run code with full workflow privileges. Effective June 18, 2026, the latest actions/checkout release will include protections to mitigate this risk during checks and deployments. More.
Attackers weaponize newly disclosed vulnerabilities much faster than organizations can patch. Picus Security outlines methods for validating exploitability and prioritizing defenses before a public exploit emerges, enabling security teams to preemptively assess risk, test mitigations, and improve patch readiness. This slow-time improves patch prep.
LastPass disclosed that attackers gained access to customer data via its Salesforce environment after stealing OAuth tokens in the Klue supply-chain intrusion earlier this month. The breach underscores the risk of third-party software ecosystems and token theft enabling unauthorized data exposure across linked services. This tests defenses and risk
SocGholish leverages traffic distribution systems (TDSs) to broker initial footholds into vulnerable networks, enabling cybercrime groups such as Evil Corp to deploy malware, phishing kits, and drive-by campaigns. By routing traffic through TDSs, attackers obscure origin, broaden reach, and raise compromise likelihood. This raises risk posture up.
A major corporate cyber fraud involving ₹7.68 crore has surfaced in Delhi, with investigators arresting a suspected mule account holder and freezing ₹4.28 crore while probing a sophisticated scam tied to a company associated with businessman and former parliamentarian Naresh Gujral, son of ex-PM Inder Kumar Gujral.
Maharashtra Chief Minister Devendra Fadnavis said a Special Investigation Team is probing the Tata Consultancy Services Nashik facility case, as the state reports 10,505 cyber frauds registered in the past year. The SIT reviews complaints and institutional processes amid growing scrutiny of the TCS Nashik case. No details were released. Updates. OK
An elderly retiree was duped into installing a fake pension verification app via WhatsApp after a caller pretended to be a Central Bank of India official. The APK allegedly granted cybercriminals access to his phone, banking data, and OTPs, draining about ₹39.7 lakh from his accounts. Police suspect the malicious APK granted access to his phone, banking data, and OTPs.
Avadi Cyber Crime Police arrested two men accused of supplying shell company bank accounts to an online trading fraud network after a Vallur resident allegedly lost ₹85.5 lakh through a fake investment platform promoted on WhatsApp. The complaint notes attractive profits were advertised to lure victims.
Delhi authorities busted a major cyber fraud network that preyed on traders and exporters by promising access to overseas buyers and lucrative deals. The tightly run scheme used fake international purchase orders, forged advance-payment claims, and bogus ISO certificates to siphon money from businesses. Nine suspects were arrested, signaling a wider probe.
A businessman from Jharkhand’s Dhanbad district lost nearly ₹2 lakh after scammers posing as a doctor’s assistant duped him into sharing UPI details to book a medical appointment. The incident highlights rising phishing linked to search engine listings and digital payments, underscoring risks to bank accounts.
Future Crime Research Foundation launches Cybersafe India, inviting domain experts in cyber crime investigation, digital forensics, police tech, emerging tech and law to join the national Skill Registry. Registrants gain visibility in cyber forensics, mobile, disk, cloud forensics, AI/deepfake, crypto/blockchain, and related disciplines.
Alleged cybercriminal Abdellah Belmili purportedly operated two black-market sites that sold stolen financial credentials and custom phishing kits aimed at major U.S. banks, according to federal prosecutors. The case highlights the ongoing threat of online marketplaces that enable financial fraud and credential theft. This case signals risk for user.
GitHub will strengthen software supply chain security by updating actions/checkout to block pwn request attacks that abuse the pull_request_target trigger, which could run code with full workflow privileges. Effective June 18, 2026, the latest actions/checkout release will include protections to mitigate this risk during checks and deployments. More.
Attackers weaponize newly disclosed vulnerabilities much faster than organizations can patch. Picus Security outlines methods for validating exploitability and prioritizing defenses before a public exploit emerges, enabling security teams to preemptively assess risk, test mitigations, and improve patch readiness. This slow-time improves patch prep.
LastPass disclosed that attackers gained access to customer data via its Salesforce environment after stealing OAuth tokens in the Klue supply-chain intrusion earlier this month. The breach underscores the risk of third-party software ecosystems and token theft enabling unauthorized data exposure across linked services. This tests defenses and risk
SocGholish leverages traffic distribution systems (TDSs) to broker initial footholds into vulnerable networks, enabling cybercrime groups such as Evil Corp to deploy malware, phishing kits, and drive-by campaigns. By routing traffic through TDSs, attackers obscure origin, broaden reach, and raise compromise likelihood. This raises risk posture up.
A major corporate cyber fraud involving ₹7.68 crore has surfaced in Delhi, with investigators arresting a suspected mule account holder and freezing ₹4.28 crore while probing a sophisticated scam tied to a company associated with businessman and former parliamentarian Naresh Gujral, son of ex-PM Inder Kumar Gujral.
Maharashtra Chief Minister Devendra Fadnavis said a Special Investigation Team is probing the Tata Consultancy Services Nashik facility case, as the state reports 10,505 cyber frauds registered in the past year. The SIT reviews complaints and institutional processes amid growing scrutiny of the TCS Nashik case. No details were released. Updates. OK
An elderly retiree was duped into installing a fake pension verification app via WhatsApp after a caller pretended to be a Central Bank of India official. The APK allegedly granted cybercriminals access to his phone, banking data, and OTPs, draining about ₹39.7 lakh from his accounts. Police suspect the malicious APK granted access to his phone, banking data, and OTPs.
Avadi Cyber Crime Police arrested two men accused of supplying shell company bank accounts to an online trading fraud network after a Vallur resident allegedly lost ₹85.5 lakh through a fake investment platform promoted on WhatsApp. The complaint notes attractive profits were advertised to lure victims.
Delhi authorities busted a major cyber fraud network that preyed on traders and exporters by promising access to overseas buyers and lucrative deals. The tightly run scheme used fake international purchase orders, forged advance-payment claims, and bogus ISO certificates to siphon money from businesses. Nine suspects were arrested, signaling a wider probe.
A businessman from Jharkhand’s Dhanbad district lost nearly ₹2 lakh after scammers posing as a doctor’s assistant duped him into sharing UPI details to book a medical appointment. The incident highlights rising phishing linked to search engine listings and digital payments, underscoring risks to bank accounts.
Unlimited intelligence feeds and real-time alerts in the Secwiser app.
Download now