General
High
3 May
India is actively pursuing access to advanced AI models like Anthropic's Mythos for enhancing critical infrastructure security. This initiative comes as CERT-In has issued warnings about the high-severity risks posed by AI-driven cyber threats. The government is urged to formally and urgently secure this access to mitigate emerging cyber risks. Source: MSN
Why it matters: Indian organizations must prepare for evolving AI-driven cyber threats and consider how AI tools can both pose risks and enhance their defensive capabilities.
Banking
High
3 May
Indian banks are transitioning to a continuous security model, driven by increasing stakes and evolving cyber threats. This shift is significantly influenced by regulatory mandates from key Indian bodies like RBI, SEBI, and CERT-In. These mandates have already bolstered cybersecurity across the nation's financial ecosystem, establishing stronger baseline controls. Source: Financial Express
Why it matters: Indian financial organizations must align their cybersecurity strategies with these evolving regulatory expectations and adopt continuous security practices to counter rising threats.
General
High
3 May
India's CERT-In has issued a critical security alert for iPhone and iPad users in the country. The advisory highlights vulnerabilities found in older versions of iOS and iPadOS, posing risks to device security. Users are urged to update their devices immediately to mitigate potential cyber threats. Source: Thesouthindiatimes
Why it matters: Indian organizations must ensure employees using Apple devices for work update their operating systems to protect against potential data breaches and cyber attacks.
Government
Medium
2 May
Jammu & Kashmir has inaugurated a new Security Operations Center (SOC) to enhance its regional cybersecurity framework. This SOC will coordinate closely with national agencies, including CERT-In, for effective cyber incident management. The initiative aims to bolster the region's defenses against cyber threats and improve response capabilities. Source: Risingkashmir
Why it matters: Indian organizations, especially those operating in or with J&K, should note this development as it signifies enhanced regional cybersecurity capabilities and improved incident response coordination.
General
Critical
2 May
CERT-In has issued an alert regarding critical security vulnerabilities affecting a wide range of Microsoft Windows products and services. These flaws could enable remote code execution, privilege escalation, or denial of service attacks. Indian users and organizations are strongly advised to apply the latest security updates immediately to mitigate potential risks. Source: MSN
Why it matters: Indian organizations must prioritize patching all affected Windows systems without delay to prevent exploitation of these critical vulnerabilities by malicious actors.
General
High
2 May
CERT-In has issued a critical warning to Indian organizations regarding escalating cybersecurity risks. The alert specifically highlights the growing threat from AI-driven cyber attacks and unpatched Microsoft vulnerabilities. This emphasizes the urgent need for enhanced defensive measures across all sectors in India. Source: Dqindia
Why it matters: Indian critical infrastructure operators must prioritize patching Microsoft systems and implement robust strategies to counter emerging AI-powered cyber threats as advised by CERT-In.
General
High
2 May
Khushhal Kaushik has been appointed as the Director General of the Cyber Security Association of India. In this new role, he will contribute to strengthening India's cybersecurity framework amidst increasing digital threats. Kaushik, also the Founder and CEO of Lisianthus Tech, brings significant industry experience to the position. Source: Bignewsnetwork
Why it matters: This appointment signifies a key leadership change within an important Indian cybersecurity body, potentially influencing national cybersecurity strategies and initiatives relevant to all Indian organizations.
General
High
2 May
Exim has released version 4.99.2 to fix four new security vulnerabilities affecting its mail server software. These flaws could allow attackers to crash servers, corrupt memory, or leak sensitive data. As Exim is one of the most widely used message transfer agents, system administrators must apply the update promptly. Source: Cybersecurity News
Why it matters: Indian organizations using Exim mail servers must patch immediately to prevent service disruption and data breaches and to maintain email communication integrity.
General
Critical
2 May
CISA has issued a directive for US federal agencies to patch a critical cPanel vulnerability (CVE-2026-41940) by Sunday. Security researchers at Rapid7 confirm that successful exploitation of this bug allows attackers to gain full control over the cPanel host, its configurations, databases, and managed websites. This vulnerability poses a severe risk, enabling complete system compromise […]
Why it matters: Indian organizations using cPanel, particularly those in critical infrastructure, must prioritize patching this vulnerability immediately to prevent system compromise and data breaches.
General
High
1 May
A newly discovered DDoS botnet is leveraging exposed Jenkins servers to launch powerful attacks. This malware specifically targets Valve Source Engine game infrastructure, as identified by security researchers. Its unique targeting of video game servers combined with a smart infection method makes it a notable threat. Source: Cybersecurity News
Why it matters: Indian organizations using Jenkins must ensure their servers are not exposed and are properly secured to prevent exploitation by this or similar botnets.
General
High
1 May
Cybercriminals are enhancing credential theft campaigns by integrating CAPTCHA pages and ClickFix techniques, moving beyond simple email tricks. Microsoft Threat Intelligence observed 8.3 billion email-based phishing threats in Q1 2026, highlighting the scale of these sophisticated operations. This evolution in tactics aims to bypass traditional security measures and increase the success rate of credential compromise. […]
Why it matters: Indian organizations must update their cybersecurity training and email security defenses to counter these advanced phishing and credential theft methods.
General
High
1 May
A new Android spyware platform is being openly sold online, offering buyers the ability to rebrand and resell surveillance malware. This tool allows anyone to customize the spyware with their own name and logo for distribution. The platform significantly lowers the barrier for creating and deploying sophisticated mobile surveillance threats. Source: Cybersecurity News
Why it matters: Indian organizations must enhance mobile device security, implement robust MDM policies, and educate employees on the risks of sophisticated, easily customizable Android spyware to protect sensitive data.
General
High
1 May
Google has revised its bug bounty program, increasing rewards for critical Android exploits while reducing payouts for Chrome vulnerabilities. The maximum reward for a zero-click Pixel Titan M exploit with persistence has surged to $1.5 million, reflecting the high value of such severe vulnerabilities. This adjustment signals Google's strategic focus on securing its Android ecosystem […]
Why it matters: Indian organizations using Android devices, particularly Pixel phones, must remain vigilant about potential zero-day exploits and ensure timely security updates to mitigate high-impact threats.
Transport
High
1 May
A sophisticated cyber-espionage group is actively targeting aviation firms and government entities. Their primary objective is to exfiltrate sensitive satellite and GPS-related geospatial data. This campaign highlights the ongoing threat of state-sponsored actors seeking critical strategic information. Source: The Record
Why it matters: Indian critical infrastructure organizations, particularly in transport and government sectors, must enhance defenses against sophisticated cyber espionage targeting sensitive geospatial data.
General
High
1 May
Microsoft has released a fix addressing an issue where newly introduced Windows security warnings for Remote Desktop (.rdp) files were not displaying correctly. This problem could lead users to overlook critical security advisories when opening RDP connections. The update ensures that all security prompts related to RDP files are now presented accurately to users. […]
Why it matters: Indian organizations must ensure their Windows systems are updated to correctly display Remote Desktop security warnings, preventing potential user oversight of critical security prompts.
Government
Critical
1 May
A China-aligned espionage campaign is targeting government and defense sectors across South, East, and Southeast Asia, along with a NATO European government. Trend Micro attributes this activity to the SHADOW-EARTH-053 threat cluster. This collective is assessed to be engaged in intelligence gathering from critical national entities. Source: The Hacker News
Why it matters: Indian government and defense organizations must heighten vigilance and strengthen cybersecurity defenses against sophisticated state-sponsored espionage campaigns from China.
General
High
1 May
India is experiencing a significant shortage of skilled cybersecurity professionals. This talent gap is exacerbated by the rapid adoption of AI and cloud technologies, increasing demand for specialized expertise. New research highlights a growing disparity between industry needs and the current workforce's preparedness in the Indian cybersecurity landscape. Source: Indian Express
Why it matters: Indian organizations must prioritize talent development, retention, and strategic hiring to mitigate risks posed by the expanding cybersecurity skills deficit.
General
High
1 May
The Bombay High Court ruled that WhatsApp cannot delay removing scam groups, rejecting its argument to await court orders under Section 79 of the IT Act. The court emphasized that intermediaries must act on complaints received via their grievance systems, as mandated by the IT Rules 2021. This decision underscores the proactive responsibility of online […]
Why it matters: This ruling mandates proactive action from online platforms against scams, influencing how Indian organizations manage digital communication risks and report malicious activities targeting their personnel.
General
High
1 May
Cisco has released a new open-source tool designed to enhance the security and integrity of Artificial Intelligence models. This kit aims to mitigate risks associated with poisoned models, improve supply chain integrity, and bolster incident response capabilities for AI systems. The tool helps organizations verify the provenance of AI models, addressing critical cybersecurity challenges in […]
Why it matters: Indian organizations leveraging AI in critical infrastructure must consider such tools to ensure the trustworthiness and security of their AI models against emerging threats like data poisoning and supply chain attacks.
General
High
1 May
A new sophisticated Python-based backdoor framework, dubbed Deep#Door, has been identified. This stealthy threat deploys a persistent Windows implant designed for covert operations. Its primary purpose is likely espionage and potential system disruption. Source: Security Week
Why it matters: Indian organizations must enhance detection capabilities for Python-based threats and monitor Windows systems for signs of this persistent espionage backdoor.