CyberSecurity Knuggets
Dec 04, 2025
Subject: Indian government retreats from spy app mandates
The Indian Ministry of Communications issued a directive on Nov. 28 requiring phone manufacturers and importers to pre-install the Sanchar Saathi app, intended to combat cyber fraud, on all devices. The mandate initially demanded that the app be readily accessible and fully functional. However, following significant public backlash and privacy concerns — including opposition from the Congress party, which claimed it enabled government surveillance — Communications Minister Jyotiraditya Scindia clarified that the app’s installation is optional and that users can delete it.
Other key cybersecurity updates in Asia include:
– The US DOJ seized the fraudulent Burmese domain tickmilleas.com, linked to the Tai Chang scam compound in Myanmar, which tricked victims into cryptocurrency investments.
– Two Coupang executives sold millions in company stock shortly after a data breach but before its public disclosure, raising insider trading concerns. The Korean Personal Information Protection Commission ordered the company to clarify breach notifications and review its protective measures.
– Coupang’s CEO stated the company is reviewing compensation for breach victims.
– Korea’s Gmarket investigated unauthorized payments connected to stolen account data.
– Japanese supplier Askul resumed online orders after a ransomware incident disrupted services for over a month.
Additionally:
– The University of Pennsylvania confirmed data theft linked to attacks exploiting Oracle E-Business Suite zero-day vulnerabilities.
– Apple faced criticism for reducing payouts on certain macOS security bug bounties.
– Ed-tech provider Illuminate faced FTC action for lax security and delayed data breach notifications affecting student information.
– Half of U.S. states have enacted restrictive age verification laws for legal adult content, leading Pornhub to suspend services in impacted states.
– Australia will require social platforms to report and remove underage accounts, with significant fines for noncompliance.
– Indian airports detected GPS spoofing affecting flight operations.
– The NSA reduced its workforce by approximately 2,000 personnel, reflecting government efforts to downsize intelligence agencies.
– Check Point Software announced a $1.5 billion bond offering to support stock buybacks.
The newsletter encourages supporting Metacurity for continued curated infosec news.
Subject: The CyberWire 12.3.25 | US Justice Department disrupts Myanmar-based scam operations
The US Justice Department seized the domain tickmilleas[.]com, used by the Tai Chang scam compound in Myanmar to defraud victims by spoofing the TickMill forex trading platform. The domain distributed fraudulent apps, which were removed after FBI notification. Meta also removed over 2,000 social media accounts linked to Tai Chang.
Additional stories include:
– OpenAI disclosed a security breach involving third-party vendor Mixpanel after a smishing attack compromised limited user analytics data; users of ChatGPT were not impacted, and Mixpanel has been removed from OpenAI’s services.
– The University of Pennsylvania and University of Phoenix confirmed breaches from a zero-day attack exploiting vulnerabilities in Oracle E-Business Suite. The University of Phoenix found stolen sensitive personal data, including Social Security numbers and bank details, while Penn is notifying affected individuals.
Further selected reading and industry news cover:
– Recent cyber threats such as Velociraptor tool misuse and new malware.
– Legislative updates including bipartisan bills supporting state cyber grants.
– Law enforcement successes in Korea against cybercrime involving the distribution of intimate videos.
The briefing is brought to you by N2K Networks, with links to subscribe and manage preferences.
Subject: Microsoft Silently Mitigated Exploited Vulnerabilities
SecurityWeek’s December 3, 2025 briefing highlights:
– Microsoft quietly mitigated actively exploited LNK file vulnerabilities.
– WordPress sites were hacked through exploitation of critical King Addons plugin flaws.
– The Arizona Attorney General filed a lawsuit against Chinese online retailer Temu over data theft allegations.
– ServiceNow plans to acquire Veza, an identity security firm, for approximately $1 billion.
– Universities including Penn and Phoenix disclosed data breaches after hacking attacks on Oracle E-Business Suite.
– AWS re:Invent 2025 featured new security product launches.
– The Chrome 143 update addresses multiple high-severity vulnerabilities.
– Niobium raised $23 million for hardware acceleration of Fully Homomorphic Encryption (FHE).
– Browser extensions for Chrome and Edge were found tracking users and creating backdoors.
Expert insights discuss challenges in cybersecurity communication, integrating cybersecurity in business strategy, AI-enabled phishing threats, and the superiority of behavioral detection over traditional indicator-of-compromise hunting.
Security news briefs include Android zero-days, funding rounds for startups, vulnerabilities in AI tools, crypto seizures, cyberattacks on sports federations, and ransomware disruptions.
The newsletter also offers guides on SaaS data resilience and announces upcoming virtual events.
Stay Well!
