A fake Telegram Premium website infects users with Lumma Stealer malware through a drive-by download, requiring no user interaction.
The domain, telegrampremium[.]app, hosts a malicious executable named start.exe, which begins stealing sensitive data as soon as it runs.
The malware targets browser-stored credentials, crypto wallets, clipboard data and system files, using advanced evasion techniques to bypass antivirus tools.
Obfuscated with cryptors and hidden behind real services like Telegram, the malware also communicates with temporary domains to avoid takedown.
Analysts warn that it manipulates Windows systems, evades detection, and leaves little trace by disguising its payloads as real image files.
To defend against such threats, organisations are urged to implement better cybersecurity controls, such as behaviour-based detection, and to enforce stronger download controls.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Zoom has patched a critical Windows vulnerability that could let attackers fully take control of devices without needing credentials. The flaw, CVE-2025-49457, stems from the app failing to use explicit paths when loading DLLs, allowing malicious files to be executed.
Attackers could exploit this to install malware or extract sensitive data such as recordings or user credentials, even pivoting deeper into networks. The issue affects several Zoom products, including Workplace, VDI, Rooms, and Meeting SDK, all before version 6.3.10.
Zoom urges users to update their app immediately, as the flaw requires no advanced skill and can be triggered with minimal access. The flaw also highlights the increasing cybersecurity concerns associated with the digital world.
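The root cause described above, loading DLLs without explicit paths, leaves a trace defenders can hunt for in image-load telemetry. The sketch below is an added example, not code from Zoom or from this article: it assumes records carrying the Sysmon Event ID 7 fields `Image`, `ImageLoaded` and `Signed`, and the application name, paths and `SYSTEM_DIRS` list are hypothetical.

```python
from ntpath import basename, dirname, normcase  # Windows path rules on any OS

# Assumption: loads from these roots count as expected system locations.
SYSTEM_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64")

def _under(path, root):
    return normcase(path).startswith(normcase(root).rstrip("\\") + "\\")

def _in_system_dir(path):
    return any(_under(path, d) for d in SYSTEM_DIRS)

def find_suspect_loads(events):
    """Flag DLL loads that an unqualified library name could have resolved
    to the wrong file. Returns (process, dll_path, reason) tuples."""
    # Pass 1: learn which DLL names are seen loading from system directories.
    system_names = {basename(normcase(e["ImageLoaded"]))
                    for e in events if _in_system_dir(e["ImageLoaded"])}
    findings = []
    # Pass 2: examine every DLL that did not come from a system directory.
    for e in events:
        exe, dll = e["Image"], e["ImageLoaded"]
        if not normcase(dll).endswith(".dll") or _in_system_dir(dll):
            continue
        if not _under(dll, dirname(exe)):
            # Resolved from somewhere other than the program's own folder.
            findings.append((basename(exe), dll, "loaded-outside-app-dir"))
        elif (basename(normcase(dll)) in system_names
              and e.get("Signed") != "true"):
            # Unsigned copy of a system DLL name sitting beside the program.
            findings.append((basename(exe), dll, "unsigned-shadow-of-system-dll"))
    return findings

# Constructed sample records (hypothetical application and paths).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\explorer.exe",
     "ImageLoaded": r"C:\Windows\System32\version.dll", "Signed": "true"},
    {"Image": r"C:\Program Files\ExampleMeet\meet.exe",
     "ImageLoaded": r"C:\Program Files\ExampleMeet\codec.dll", "Signed": "true"},
    {"Image": r"C:\Program Files\ExampleMeet\meet.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\dwmapi.dll", "Signed": "false"},
    {"Image": r"C:\Program Files\ExampleMeet\meet.exe",
     "ImageLoaded": r"C:\Program Files\ExampleMeet\version.dll", "Signed": "false"},
]

if __name__ == "__main__":
    for finding in find_suspect_loads(SAMPLE_EVENTS):
        print(finding)
```

Findings are triage leads rather than verdicts: legitimate software also loads libraries from shared vendor folders, so an allowlist for those locations is needed before alerting on the output.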
Over 1.2 million internet-connected healthcare devices and systems that expose patient data have been identified in research by Modat. The United States, South Africa, and Australia topped the list, with vulnerable systems including MRI scanners, CT machines, and hospital management platforms.
Using its Modat Magnify platform, the company identified misconfigurations, weak passwords, and unpatched software as common risks. Some devices had no authentication, while others used factory-default passwords such as ‘admin’ or ‘123456’. Sensitive MRI, dental X-ray, and blood test records were accessed.
Modat worked with Health-ISAC and Dutch CERT Z-CERT for responsible disclosure, alerting organisations to secure exposed systems. CEO Soufian El Yadmani said devices should never be open to the internet without safeguards, warning that remote access must be secure.
The research stressed that healthcare cybersecurity is a patient safety issue. Outdated or unprotected devices could enable fraud, extortion, or network breaches. Regular security checks, asset inventories, and monitoring were recommended to reduce risks.
Founded in 2024, Modat uses its Device DNA dataset to catalogue internet-connected devices globally. It aims to help healthcare and other sectors close the gap between rising cyber threats and effective resilience.
Visa has launched a new Cybersecurity Advisory Practice to support businesses in identifying and countering growing cyber risks. The initiative aims to provide practical insights tailored to clients of all sizes.
The practice will be powered by Visa Consulting & Analytics, which brings together a global team of consultants, product specialists and data scientists. Services include training, threat analysis and cybersecurity maturity assessments.
Jeremiah Dewey, a veteran with over 20 years of experience in the field, has been named global head of cyber products. He will lead product development and build strategic partnerships.
Visa says the goal is to offer scalable solutions to both small businesses and large enterprises, enabling them to stay resilient in an evolving digital threat market.
Over 1,000 employees are now based at Hubballi, where the new Living Lab delivers services across sectors such as manufacturing, healthcare, financial services, and space technology. Strategic ties with local academic institutions like IIIT Dharwad are intended to nurture future-ready talent close to operations.
Local leaders framed the centre as a corrective to past underutilisation concerns and a driver of industry-academia collaboration. By encouraging expansion to other districts, they set the tone for inclusive growth and long-term innovation across North Karnataka.
A sweeping cyberattack has compromised the federal court filing system across multiple US states, exposing sensitive case data and informant identities. The breach affects core systems used by legal professionals and the public.
Sources say the Administrative Office of the US Courts first realised the scale of the hack in early July, with authorities still assessing the damage. Nation-state-linked actors or organised crime are suspected.
Critical systems like CM/ECF and PACER were impacted, raising fears over sealed indictments, search warrants and cooperation records now exposed. A dozen dockets were reportedly tampered with in at least one district.
Calls to modernise the ageing court infrastructure have intensified, with officials warning of rising cyber threats and the urgent need for system replacements.
Millions of Dell laptops faced a serious security risk due to a flaw in a Broadcom chip used for storing sensitive data. Cisco Talos researchers uncovered the vulnerability, which could have allowed attackers to steal passwords and monitor activity.
Dell confirmed over 100 laptop models were impacted, especially those with its ‘ControlVault’ security software used in sensitive industries. A fix has been issued through security patches since March.
No evidence suggests the flaw was exploited, but experts warn users to install updates promptly to avoid exposure. The issue highlights the risks of storing biometrics and credentials directly on devices.
Users are advised to keep security patches current and use reliable antivirus software to help reduce threats from similar vulnerabilities in future.
Instead of a single pool, the funding is split into two distinct grants. The State and Local Cybersecurity Grant Program (SLCGP) will provide $91.7 million to 56 states and territories, while the Tribal Cybersecurity Grant Program (TCGP) allocates $12.1 million specifically for tribal governments.
These funds aim to support cybersecurity planning, exercises and service improvements.
CISA’s acting director, Madhu Gottumukkala, said the grants ensure communities have the tools needed to defend digital infrastructure and reduce cyber risks. The effort follows a significant cyberattack on St. Paul, Minnesota, which prompted a state of emergency and deployment of the National Guard.
Officials say the funding reflects a national commitment to proactive digital resilience instead of reactive crisis management. Homeland Security leaders describe the grant as both a strategic investment in critical infrastructure and a responsible use of taxpayer funds.
The UK’s designation of data centres as Critical National Infrastructure highlights their growing strategic importance, yet a pressing concern remains over vulnerabilities in their OT and IoT systems. While IT security often receives significant investment, the same cannot be said for other technologies.
Attackers increasingly target these overlooked systems, gaining access through insecure devices such as IP cameras and biometric scanners. Many of these operate on outdated firmware and lack even basic protections, making them ideal footholds for malicious actors.
There have already been known breaches, with OT systems used in botnet activity and crypto mining, often without detection. These attacks not only compromise security in the UK but can destabilise infrastructure by overloading resources or bypassing safeguards.
Addressing these threats requires full visibility across all connected systems, with real-time monitoring, wireless traffic analysis, and network segmentation. Experts urge data centre operators to act now, not in response to a breach, but to prevent one entirely.