Achive.php June 20, 2025 - The Cyber Shark
Contributor

Archives for June 20, 2025

16 Billion Logins Stolen In Mega Data Breach Threatening Apple, Google and More

16 Billion Logins Stolen In Mega Data Breach Threatening Apple, Google and More

In a massive global data breach, hackers have leaked 16 billion login credentials, exposing users of platforms like Apple, Google, Facebook, GitHub, and even government services, according to Forbes. The breach was uncovered this week by cybersecurity researchers who found the records in 30 unprotected datasets, some containing up to 3.5 billion entries each. Cybersecurity experts first noticed a mysterious open database containing 184 million records, which has now proven to be only a small part of a much larger breach. Researchers have since confirmed 30+ datasets leaked online, containing VPN logins, social media accounts, and developer platform access. The breach is not a recycling of old data but fresh, high-value information collected throughout 2025, making it dangerous and exploitable for phishing attacks, account takeovers, and business email compromise (BEC) schemes. “This is not just a leak — it’s a blueprint for mass exploitation,” warned the research team cited in Forbes. Darren Guccie, CEO of Keeper Security, emphasised that the leak’s scale and nature pose “far-reaching risks” to users across sectors. Google has responded by urging users to move beyond traditional passwords and 2FA, and instead adopt passkeys, which are biometric login systems using fingerprint or facial recognition. “Passkeys are phishing-resistant and safer than passwords,” Google stated. Advice: This mega breach highlights how credential leaks remain one of the top cyber threats globally. The fact that the stolen logins are fresh and tied to major platforms increases the urgency for users to act. Cyber Safety Tips: Switch to Passkeys or biometric login methods wherever possible Update your passwords immediately, especially for sensitive accounts Enable multi-factor authentication (MFA) Avoid clicking on suspicious links or emails asking for logins Report scams or suspicious activity at cybercrime.gov.in

IIT graduate among 15 held in Telangana for circulating child porn

IIT graduate among 15 held in Telangana for circulating child porn

TGCSB arrests repeat offenders in state-wide operation; links to trafficking uncovered. Telangana Police arrested 15 individuals, including an IIT graduate, on 18 Jun 2025 for the possession and circulation of child sexual abuse material (CSEAM). The operation followed 57 cyber tip-offs, resulting in 34 FIRs across multiple districts, with cases registered under the IT Act and POCSO laws. The Telangana Cyber Security Bureau (TGCSB), acting on inputs from the Cyber Tip line and in collaboration with NCMEC, ICMEC, and I4C, carried out a coordinated state-wide crackdown. Offenders were arrested from Hyderabad, Warangal, Karimnagar, Jagtial, Jagadgirigutta, and Yadagirigutta. The arrested individuals, aged between 19 and 50, largely belonged to working or middle-class backgrounds. Shockingly, an IIT graduate from Nizamabad, employed at a reputed company, was among those caught. Investigators revealed that the content was being downloaded, stored, and sometimes shared via encrypted platforms. Many of the accused were repeat offenders, tracked using digital forensic evidence and shared intelligence. Further investigation uncovered human trafficking links, with tribal women from remote Telangana mandals like Kerameri and Tiryani being targeted and sold to brothels. One victim managed to escape from Madhya Pradesh and returned home last month. In a related case, Asifabad police arrested six people, including a police constable, while three more remain absconding. Constable Haridas, one of the accused, had prior involvement in similar crimes. Quote from Official: “This is a warning that online child abuse will not go unpunished. We are using every resource to trace and prosecute offenders,” said a senior TGCSB official. Advice: This case highlights the alarming rise in online child exploitation and trafficking, even involving educated individuals and repeat offenders. TGCSB’s CPU unit, launched in February 2025, has already registered 294 FIRs and made 110 arrests, a sharp increase from prior years. Public Safety Tips: Report suspicious online content or activity involving children on cybercrime.gov.in (Women & Child tab) or dial helpline 1930 Do not download or forward any explicit or suspicious content — it’s illegal Educate children and parents about online safety, digital boundaries, and privacy settings Enable parental controls and monitor app permissions regularly

Tea stall owner loses Rs 2.36 lakh in UPI fraud; cyber police nab accused in North-East Delhi

Tea stall owner loses Rs 2.36 lakh in UPI fraud; cyber police nab accused in North-East Delhi

Cyber Police arrest a 21-year-old in North-East Delhi for exploiting a lost SIM card to drain the victim’s bank account via UPI. After his SIM card vanished, a tea shop owner in Seelampur, New Delhi, lost ₹2.36 lakh in a UPI scam.  On June 19, a 21-year-old suspect was taken into custody by the North-East District Cyber Police of Delhi, who also retrieved important evidence, such as SIM cards and a cell phone used in the scam. On June 4, days after discovering unauthorised UPI transactions from his wife’s bank account, the victim, Gareeb Nath Gupta, reported the crime.  His Samsung keypad phone with an active SIM card vanished on May 27. Fraudulent transactions were conducted using the lost SIM between May 28 and June 2. To link the activity to an Airtel Payments Bank account, a special cybercrime unit under the direction of Inspector Rahul Kumar and overseen by ACP Mangesh Gedam employed digital forensics and technical surveillance. The culprit, Md. Monish, a mobile phone repairer from Delhi’s Janta Mazdoor Colony, acknowledged buying stolen phones with SIM cards still in working order.  He transferred money using UPI apps and accessed connected bank accounts using them. One cell phone and two SIM cards have been found by the police, and ₹35,000 has been frozen. They are now investigating a wider network, possibly involved in similar cybercrimes. Quote: “This case shows how even basic phone users are vulnerable. People must immediately block SIM cards if lost and monitor bank accounts closely,” said an official from Cyber PS, North-East Delhi. Advice: The instance demonstrates how low-tech thefts, such as lost phones, can be taken advantage of online, particularly with SIM cards connected to UPI. It also demonstrates how cybercriminals target non-technical individuals as well. Cyber Safety Tips: If your SIM card is lost or stolen, block it right away. Make sure all UPI and banking apps have two-factor authentication (2FA) enabled. Don’t store bank account information or UPI credentials on outdated or unprotected phones. Observe bank statements regularly and report any questionable activity on cybercrime.gov.in.

Google rolls out budget-friendly Gemini 2.5 Flash Lite, opens 2.5 Flash and Pro to all

Google rolls out budget-friendly Gemini 2.5 Flash Lite, opens 2.5 Flash and Pro to all

New model offers high-speed, low-cost performance; Gemini 2.5 Flash and Pro now open to all users. Google has launched a new AI model, Gemini 2.5 Flash-Lite, on June 18, 2025, making it the fastest and most affordable in the Gemini 2.5 series. Available via Google AI Studio and Vertex AI, it supports multimodal tasks with low latency and cost, catering to developers and enterprise users who require scalable AI solutions. The Gemini 2.5 Flash-Lite is designed for high-volume, latency-sensitive tasks such as translation, classification, and reasoning, offering improved performance over its predecessor, the 2.0 Flash-Lite. Google claims it delivers superior accuracy in coding, science, and multimodal benchmarks while being cost-efficient. Despite being a “lite” version, it includes advanced features such as a 1 million-token context window, tool integration (like Google Search and code execution), and flexible compute scaling based on budget. Google has also announced the general availability of Gemini 2.5 Flash and Pro, previously limited to select users. Firms like Snap and SmartBear have already integrated them into their production systems with success. These models are now accessible via Google AI Studio, Vertex AI, and the Gemini app, expanding usage beyond developers to general users through tools like Search. Quote: “Gemini 2.5 Flash-Lite is designed to bring scalable, affordable, and high-performance AI to everyone — from individual developers to large enterprises,” said a Google spokesperson in the launch statement. Advice: Google’s move to open Gemini 2.5 models, especially the new Flash-Lite, offers a powerful AI toolkit for cost-conscious developers and businesses. Its lightweight design doesn’t compromise capability, making it ideal for fast, real-world deployment. Tips for AI users: Choose models based on task latency and cost requirements Explore Google AI Studio or Vertex AI for hands-on testing Use Flash-Lite for rapid classification, translation, and large prompt processing Review Google’s documentation to integrate AI efficiently and securely