London councils cyber incident: Data breach warning as recovery expected to take weeks
Three inner London councils, including Westminster and Kensington and Chelsea, are recovering from a significant cyber incident that has now been confirmed to involve a data breach. Authorities are warning residents to stay vigilant after evidence that data was copied, and they expect disruption to services and full recovery efforts to take weeks.
Iberia Airlines in Spain Hit by Major Cyberattack as Passenger Data Theft Sparks Tourism Security Concerns Across Europe
Iberia Airlines disclosed a major cyberattack in which the Everest ransomware group allegedly stole around 596 GB of passenger and loyalty data via a third party vendor. The attackers are reportedly demanding a 6 million dollar ransom, and the incident is raising wider concerns about data protection and cyber resilience in the European aviation and tourism sectors.
New Android malware lets criminals control your phone and drain your bank account
Researchers detailed Albiriox, a new Android banking malware family that gives attackers live remote control of infected devices for on device fraud. Distributed as malware as a service, it abuses accessibility features, targets over 400 financial and crypto apps, and can mask its activity on screen while criminals perform real time transactions using the victim’s own sessions.
ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware
A threat actor tracked as ShadyPanda has been linked to a long running campaign that turned multiple popular browser extensions into spyware, amassing more than 4.3 million installs. Several extensions began as legitimate before being modified in mid 2024 to exfiltrate user data, illustrating the risks of extension supply chain abuse and delayed detection in browser ecosystems.
India Mandates ‘Undeletable’ Government Cybersecurity App for All Smartphones
India’s Department of Telecommunications has ordered smartphone manufacturers to preload the government Sanchar Saathi cybersecurity app on all new devices, with users reportedly unable to remove it. The move is framed as a way to combat phone fraud and device theft, but it is also prompting questions about privacy, data handling and the security implications of mandatory system level apps.
Delta Dental Breach Exposes Data of 145,000 Customers
Delta Dental of Virginia reported that attackers compromised an employee email account for more than five months, exposing personal data for over 145,900 customers. The prolonged access increased the risk of identity fraud involving both personal and health information, and the organization is continuing to investigate the scope and impact of the incident.
