
Cybersecurity Weekly Newsletter
Date: March 12, 2025 - March 18, 2025
1️⃣China Unveils "Manus"—A Next-Generation AI Assistant
On March 13, 2025, China's tech scene was electrified by the launch of Manus, a next-gen AI assistant developed by startup Butterfly Effect. Building on the success of DeepSeek, Manus is designed to autonomously perform tasks such as stock market analysis and personalized travel planning, blending knowledge with practical application.
Key Features:
· Exclusive Beta Access: Available only through an invite-only beta, targeting enterprise clients.
· Censorship-Free Responses: Manus offers uncensored, factual answers, distinguishing it from other AI tools with more stringent content controls.
· Popularity: The Manus Discord server has already amassed over 170,000 members.
Manus
represents a significant step toward artificial general intelligence (AGI) and
could redefine future human-AI interactions.
2️⃣ IDRBT Launches IBCART 3.0 for Enhanced Cybersecurity in Banking
On March 14, 2025, the Institute for Development and Research in Banking Technology (IDRBT), in collaboration with Quick Heal Technologies, launched IBCART 3.0 (Indian Bank Center for Analysis of Risks and Threats). This upgraded platform aims to address the growing cybersecurity challenges in the banking sector.
Key Features of IBCART 3.0:
• Advanced Security Controls: Includes digital signature-based access mechanisms.
• Threat Intelligence: Offers curated and contextual threat intelligence with risk scores specific to the banking sector.
• Collaboration with Quick Heal: The partnership with Seqrite Labs integrates AI-driven tools to enhance cybersecurity innovation.
The platform builds on earlier versions (IBCART 1.0 and 2.0) and aims to provide broader reach and more robust defenses, ensuring proactive risk management for financial institutions in an increasingly digital environment.
3️⃣Dark Storm Team Claims Responsibility for Cyberattack on X Platform
On March 15, 2025, the pro-Palestinian hacking group, Dark Storm Team, claimed responsibility for a massive DDoS attack on X (formerly Twitter), causing widespread outages for users globally. The attack flooded X's servers with fake requests, leading to service disruptions that lasted for hours.
Impact: Over 40,000 complaints were registered, affecting users worldwide.
Claim of Responsibility: Dark Storm Team announced their involvement via Telegram, stating their ideological motivation linked to a pro-Palestinian agenda.
Elon Musk's Response: Musk acknowledged the attack, speculating it was coordinated by a large group, possibly linked to Ukraine, though cybersecurity experts urged caution about making conclusions based on IP traces.
About Dark Storm Team: The group, founded in 2023, is known for targeting entities they view as supporting Israel. They conduct cyberattacks for profit and have collaborated with pro-Russian hacktivist groups.
This incident highlights the growing threat of hacktivist groups and the need for enhanced cybersecurity measures in the digital age.
4️⃣ Polymorphic Malware: A Growing Cyber Threat in Karnataka
On March 16, 2025, it was revealed that cybercriminals in Karnataka are increasingly using polymorphic malware, a sophisticated threat that is evading traditional security systems, causing significant financial losses. In 2024 alone, victims in the state lost nearly Rs 2,900 crore due to cybercrimes, with only 1,248 out of 20,092 cases detected.
Key Features of Polymorphic Malware:
• Adaptive Nature: This type of malware constantly alters its code to avoid detection by conventional security systems. Unlike regular malware, it modifies its appearance with each infection.
• Methods of Infection: It typically spreads through phishing emails, fake software downloads, or malicious website links.
• Damage: Once activated, it can encrypt itself, deploy keyloggers to capture sensitive information like passwords, and inject confusing code to evade detection.
Government Response:
• The Karnataka government is upgrading the Forensic Science Laboratory (FSL) to handle advanced cyber threats and has trained over 5,000 officials in cybersecurity, but outdated tools remain a significant hurdle.
• The reliance on signature-based systems (which detect malware by matching known virus signatures) is inadequate against polymorphic malware, necessitating more advanced detection techniques.
Challenges in Investigation:
• The Cybercrime, Economic Offences, and Narcotics (CEN) division emphasized the complexity of investigating these cases, as traditional methods may not always apply. While some cases have been solved due to criminal errors, the ever-evolving tactics of cybercriminals require continuous innovation in both technology and investigative approaches.
This rise in polymorphic malware underscores the urgent need for advanced cybersecurity measures, training, and more robust detection systems to protect against sophisticated cyber threats.
Read more5️⃣ Infosys Settles $17.5 Million Cybersecurity Lawsuit in the U.S.
On March 17, 2025, Infosys agreed to a $17.5 million settlement to resolve class-action lawsuits following a significant cybersecurity breach at its U.S. subsidiary, Infosys McCamish Systems. The breach, which occurred in November 2023, exposed the personal data of approximately 6.5 million individuals, including sensitive information such as Social Security numbers and addresses.
Key Details:
• Settlement Terms: The settlement, reached on March 13, 2025, is still subject to court approval and further review by plaintiffs. Infosys maintains that the settlement is not an admission of liability but reflects its commitment to addressing the issue.
• Financial Impact: The breach resulted in a 60-basis-point reduction in Infosys's operating margins and placed added pressure on its revenue.
Response to the Breach: In the wake of the breach, Infosys has taken significant steps to enhance its cybersecurity framework, aiming to prevent future incidents.
This case highlights the growing challenges organizations face in safeguarding sensitive data and the critical need for robust cybersecurity measures in today's digital landscape.
Read more6️⃣ Alphabet Resumes $30 Billion Talks to Acquire Cybersecurity Leader Wiz
On March 18, 2025, Google-parent Alphabet entered advanced talks to acquire Wiz, a leading cybersecurity startup, for a $30 billion deal. If finalized, this acquisition would be Alphabet’s largest to date, underscoring its commitment to bolstering its presence in the cybersecurity and cloud infrastructure sectors.
About Wiz: Wiz is renowned for its AI-powered cloud security solutions, which have been pivotal in helping organizations manage and mitigate risks across major cloud platforms.
Context and Significance: The deal comes at a time when cybersecurity has become increasingly vital, especially after major incidents like the global CrowdStrike outage. While the acquisition is likely to face regulatory scrutiny, it highlights the growing need for robust digital security solutions in today’s interconnected world.
With Wiz's expertise and Alphabet’s extensive resources, this partnership could reshape the future of cloud security.
Stay vigilant and proactive in addressing cybersecurity challenges.