Cybersecurity

Cybersecurity researchers have identified a sophisticated malware campaign exploiting OAuth redirection mechanisms to compromise user credentials and gain unauthorized access to digital accounts. The attack leverages weaknesses in authentication flows, tricking users into granting permissions to malicious applications disguised as legitimate services. As enterprises increasingly rely on single sign-on systems and third-party integrations, the threat underscores systemic vulnerabilities within modern identity frameworks.

Google has confirmed that a critical Android security vulnerability, identified as CVE-2026-21385, is being actively exploited in the wild, raising fresh concerns about mobile cybersecurity risks. The flaw, reportedly affecting certain versions of the Android operating system, could allow unauthorized access or privilege escalation under specific conditions. Google has issued security patches and urged device manufacturers and users to implement updates promptly.

Bharti Airtel has entered into a strategic partnership with Google to curb the growing menace of spam and fraudulent messages across mobile networks in India. The collaboration will integrate advanced artificial intelligence-driven detection systems to identify and block suspicious communications in real time. As digital adoption accelerates, spam messaging has emerged as a critical concern affecting consumer trust and financial security.

A newly disclosed cybersecurity issue has raised questions around the safety of connected home devices after a researcher reported a potential vulnerability in a smart robot vacuum developed by DJI. The finding highlights how rapidly expanding Internet of Things (IoT) ecosystems are becoming attractive targets for cyber threats. While no large-scale misuse has been reported so far, the disclosure underscores the growing need for robust security frameworks in consumer electronics.

Cybersecurity firm ESET has uncovered a sophisticated new Android malware strain, dubbed PromptSpy, that misuses Google’s Gemini artificial intelligence to carry out covert surveillance and data manipulation. The discovery highlights an emerging threat vector where generative AI tools are weaponized by malicious actors to enhance stealth, automation, and adaptability. PromptSpy reportedly leverages AI-driven prompts to evade detection, harvest sensitive information, and respond dynamically to user behavior.

Google has issued an urgent advisory for all Chrome users, urging immediate updates to the latest version following the discovery of critical security vulnerabilities. The flaws, which could allow attackers to execute arbitrary code or gain unauthorized access, pose significant risks to both individual and enterprise users. Google has emphasized that prompt patching is essential to safeguard sensitive data and prevent potential exploits.

A newly identified zero-day vulnerability in Google Chrome is being actively exploited, raising urgent concerns across the global cybersecurity community. The flaw, which was previously unknown to developers, allows attackers to compromise systems before official patches are fully deployed. Security researchers warn that such exploits can enable unauthorized access, data theft and broader system manipulation, particularly for users running outdated browser versions. The incident underscores the growing sophistication of cyber threats and the critical importance of timely software updates.

A significant security lapse at a leading Indian pharmacy chain has triggered fresh concerns over data protection and cybersecurity preparedness in the country’s healthcare retail sector. The incident, which reportedly exposed sensitive internal systems and potentially customer-related information, has drawn scrutiny from regulators and industry observers alike. As pharmacy chains increasingly rely on digital platforms for prescriptions, payments, and supply-chain management, the breach highlights growing vulnerabilities within large-scale retail healthcare operations.

Microsoft has flagged a security vulnerability affecting its widely used Office suite, prompting renewed concerns over enterprise cybersecurity resilience. The flaw, which could potentially be exploited to gain unauthorized access or execute malicious code, has drawn attention from security researchers and corporate IT teams worldwide. While mitigation steps and updates are being rolled out, the incident underscores the persistent risks associated with ubiquitous productivity software.

Microsoft Windows is facing a significant cybersecurity threat as hackers actively exploit six zero-day vulnerabilities, putting millions of devices worldwide at risk. These previously unknown flaws allow attackers to execute remote code, elevate privileges, and bypass security protocols, potentially compromising sensitive corporate and personal data. Security experts emphasize the urgency for organizations and individual users to apply patches, implement robust monitoring, and strengthen endpoint protections.