CyberWatch Weekly: Top 3 Cybersecurity News from May 3rd Week

From international espionage to retail data breaches, cyber threats are escalating across sectors and borders. This week saw a wave of coordinated attacks, revealing how digital warfare and data theft continue to challenge governments and corporations alike. As nations grapple with geopolitical tensions and companies confront growing security gaps, cyber incidents are becoming more complex and widespread. These developments serve as a stark reminder of the need for constant vigilance and stronger defenses in the digital age. Let’s take a look at this week’s top cyber stories.

1.5 Million Cyberattacks, 150 Breaches: Pakistan-Allied Hackers Target Indian Websites

In retaliation to the Pahalgam terror strike, seven Pakistan-allied APT groups launched over 1.5 million cyber attacks on Indian government and infrastructure websites, Maharashtra Cyber revealed. Despite the India-Pakistan ceasefire, attacks persisted from Pakistan, Bangladesh, Indonesia, and the Middle East. The hackers exploited techniques like DDoS attacks, malware, GPS spoofing, and website defacement to disrupt systems and spread misinformation. Only 150 attacks succeeded, with websites of Kulgaon Badlapur Council and Defence Nursing College defaced. False claims of data theft from airports and telecoms were also circulated, as part of psychological warfare. The event reflects a broader strategy of hybrid warfare, blending cyber intrusion with disinformation. Maharashtra Cyber has urged the public not to trust unverified online claims. 

To counter future threats, experts recommend strengthening critical infrastructure, improving misinformation monitoring, and enhancing cyber awareness among citizens. India’s cybersecurity readiness remains vital in the face of evolving digital warfare tactics.

Source: Odisha TV

Ukraine Government Hit by North Korean Espionage Campaign 

North Korea’s TA406 hacking group has launched a new espionage campaign against Ukrainian government entities, likely aiming to gather political and strategic insights into Russia’s war in Ukraine. With Pyongyang deploying troops to support Russia in late 2024, the intelligence effort helps assess risks to its personnel and determine Moscow’s continued need for military assistance. TA406 employed spear-phishing tactics, including fake think tank identities and Microsoft security alerts, to lure officials into opening malware-laced files. These triggered PowerShell-based infections to extract sensitive system information. The operation marks a shift in TA406’s focus from Russia to Ukraine, reflecting Pyongyang’s growing interest in war dynamics and long-term projections. Unlike Russian hackers who seek battlefield data, North Korea targets political analysis. 

To counter such threats, Ukrainian institutions must enhance phishing awareness, improve email security, and deploy advanced threat detection systems. Global vigilance remains crucial as cyber espionage increasingly fuels geopolitical strategies. 

Source: The Record 

Dior Confirms Customer Data Breach, Assures No Financial Info Compromised

On 14th May, French luxury brand Dior confirmed a cyberattack that compromised customer data, though no financial information was accessed. The breach, reported to have occurred in January, exposed names, email addresses, phone numbers, and postal addresses of clients, particularly in Asia. Dior stated it acted immediately to contain the incident and is working with cybersecurity experts while notifying regulators and affected customers. The company emphasized that sensitive financial details, such as credit card numbers, were not part of the compromised data. The attack reflects a growing trend of cybercriminals targeting luxury retailers. Recent victims include Marks & Spencer, Harrods, and Co-op, highlighting the sector’s vulnerability.

To prevent future breaches, experts recommend stronger data encryption, real-time threat monitoring, and improved customer data handling protocols across the retail industry.

Source: VnExpress

Conclusion
This week’s cyber incidents highlight the increasing use of digital warfare for political retaliation, strategic intelligence, and economic disruption. As threats grow more targeted and sophisticated, governments and organizations must prioritize cybersecurity resilience, public awareness, and international collaboration to stay ahead.

Stay vigilant and informed, tune in next week for more updates in InfosecTrain’s CyberWatch Weekly!