Home Blog

Razorpay files for IPO; reports peg issue at $500m–$700m

TCN Bureau
-
0
Razorpay files for IPO; reports peg issue at $500m–$700m

Indian payment gateway provider Razorpay Software has confidentially filed draft papers for an initial public offering, a newspaper advertisement showed on Monday.

The confidential route allows IPO-bound companies to keep their filings private until the launch of the public issue.

Financial news outlet Moneycontrol reported on Sunday that the company could raise more than $500–$600 million.

The Economic Times reported in April that the confidential filing was for a $500–$600 million issue, implying a valuation of $5–$6 billion.

Backed by investors including GIC, Y Combinator and Lightspeed, Razorpay provides technology for businesses to accept online payments and aims to protect sensitive customer information, reduce payment failures and simplify fund settlements. The platform processes transactions via credit and debit cards, UPI, net banking, buy-now-pay-later options and digital wallets, earning revenue by charging fees on transactions.

Anthropic warns against overriding state AI laws without robust federal rules

Ana Mary Joseph
-
0
Anthropic warns against overriding state AI laws without robust federal rules
  • Anthropic says any federal preemption should be contingent on robust national standards, including third-party evaluations of advanced systems.

Anthropic called on the US Congress to avoid overriding state artificial-intelligence regulations unless lawmakers enact a “rigorous” federal framework that tackles “catastrophic AI risks,” and proposed independent safety testing for the most powerful AI models, according to a company statement.

The appeal comes as President Donald Trump has pressed Congress to pass legislation that would supersede state-level AI rules. Anthropic said any federal preemption should be contingent on robust national standards, including third-party evaluations of advanced systems.

Anthropic is preparing for a US initial public offering, a listing that could be among the most consequential in years, with potential implications for index composition and capital flows. The company did not respond to a Reuters request for comment on the timing of its policy proposal.

Advancing Anthropic’s agenda in Washington would likely require support from President Trump. The company’s relationship with the administration frayed earlier this year after Anthropic declined to allow US military use of its AI models for domestic surveillance and fully autonomous weapons systems.

The government responded by placing the firm on a national security blacklist slated to take effect later this year, though tensions have shown signs of easing across parts of the US government as of June 5.

Separately, Anthropic urged Congress and states to modernise unemployment insurance technology ahead of potential AI-driven job losses, warning current systems are not equipped to handle a large labour-market shock.

Oracle plans up to $95b in fiscal 2027 capex

Naushad K. Cherrayil
-
0
Oracle plans up to $95b in fiscal 2027 capex
  • CEO says the company’s delivery pace is quickening, with fiscal Q1 2027 capacity approaching one gigawatt—nearly equal to the prior four quarters combined.

Oracle outlined capital spending of up to $95 billion for fiscal 2027 and said it expects to raise nearly $40 billion through a mix of debt and equity next year, moves that underscore the massive cash needs to build out artificial‑intelligence infrastructure.

The cloud software company said fiscal 2027 capex will include about $70 billion of Oracle’s own spending plus $20–25 billion it expects to be repaid for by customers.

Oracle spent about $55.66 billion in fiscal 2026, above its prior $50 billion target.

CFO Hilary Maxson said gross margins will “step down” in fiscal 2027 as Oracle accelerates data‑centre projects. CEO Clay Magouyrk told analysts the company’s delivery pace is quickening, with fiscal Q1 2027 capacity approaching one gigawatt—nearly equal to the prior four quarters combined.

Oracle is positioning itself as a challenger to cloud leaders Amazon and Microsoft, leaning on large data‑centre projects for customers including Meta Platforms and OpenAI. The company said a massive “Stargate” data centre in Texas being built with OpenAI and others will be more than three‑quarters complete within 90 days, and that OpenAI customers can begin accessing the firm’s latest coding models on Oracle’s cloud.

To support the build‑out, Oracle expects to raise nearly $40 billion in 2027 via debt and equity, including a previously announced $ 20 billion at‑the‑market equity program.

The company had said in February it aimed to raise up to $50 billion this year via a combination of debt and equity.

Investors remain focused on funding and profitability as AI demand surges. Oracle reported fourth‑quarter revenue of $19.18billion. Adjusted earnings were $2.03 per share.

Cybercriminals turn TikTok and Instagram videos into Vidar malware traps

Mohammed Fahad
-
0
Cybercriminals turn TikTok and Instagram videos into Vidar malware traps
  • Viewers are instructed to paste commands into Windows PowerShell to “unlock” premium features — a step that delivers the Vidar infostealer payload.

Cybercriminals are swapping phishing emails for viral “hack” tutorials on TikTok and Instagram to trick users into installing malware that steals passwords, personal data, and crypto wallets, according to new research from ReversingLabs.

The campaigns dangle free upgrades or activations for popular software and services — including Spotify Premium, Windows, Microsoft Office, and Adobe tools — then funnel viewers to secondary sites hosting malicious downloads.

ReversingLabs threat intel researcher Zaria Vuksan said attackers mass-produce short, polished videos with professional voice-overs and clean graphics, often using handles and imagery mimicking official brands, such as “windows.tips” or “window.insight.”

Unlocking premium features

Some posts gathered more than 100,000 views, boosting their chances of appearing in user feeds. Viewers are instructed to paste commands into Windows PowerShell to “unlock” premium features — a step that delivers the Vidar infostealer payload.

A second tactic leans on engagement bait: creators flaunt supposedly unlocked premium features in casual, music-backed clips and wait for comments asking how to replicate the trick. After building trust and traction, they reply with instructions or links to malicious sites.

Researchers said takedown attempts were sometimes rejected and that platforms’ moderation tools can hinder community warnings, since creators can delete critical comments and block users.

Malwarebytes, summarising the ReversingLabs findings, said Vidar silently exfiltrates:

  • Browser data: saved passwords, cookies, autofill, and some 2FA data
  • System info: device and installed software details
  • App credentials: usernames and passwords for installed services
  • Crypto wallets: private keys and wallet data

First observed in 2018, Vidar is built to steal information and send it to attacker-controlled servers. To avoid these scams, researchers advise never running PowerShell/Terminal commands from untrusted sources; treating social media “tips” — even from official-looking accounts — with scepticism; using only official channels for subscriptions and downloads; and maintaining real-time, up-to-date anti-malware protection.

UK fast-tracks sweeping national cybersecurity bill

Naushad K. Cherrayil
-
0
UK fast-tracks sweeping national cybersecurity bill
  • Aims to deter, detect, and disrupt foreign state operations ranging from espionage and cyberattacks to propaganda and proxy activity.
  • Bill, which could take effect as early as July 2026, grants “new powers” to counter foreign intelligence operations and equip agencies with stronger tools to pursue proxies acting on behalf of hostile states.

The UK government has introduced the 2026 National Security State Threats Bill, fast-tracked amid what ministers called a “wave of alarming antisemitic attacks,” aiming to deter, detect, and disrupt foreign state operations ranging from espionage and cyberattacks to propaganda and proxy activity. Subject to Parliamentary approval, the law could take effect as early as July 2026.

Officials say the bill grants “new powers” to counter foreign intelligence operations and equip agencies with stronger tools to pursue proxies acting on behalf of hostile states. The move follows years of intensified activity attributed to Iran, Russia, China, and North Korea, which authorities say have shown a persistent pattern of interference.

Former Prime Minister Rishi Sunak previously warned the UK is “under daily attack,” citing espionage and cyber operations.

Countering modern cyber threats

The government highlights state-sponsored hacking and information operations as core threats. Russian-linked APT “Fancy Bear” has been accused of hijacking TP-Link routers in the UK to steal credentials, while North Korean operators have allegedly used remote IT job scams to infiltrate companies.

Iran’s Islamic Revolutionary Guard Corps has been linked to coordinated propaganda across social platforms, streaming services, websites, and blogs, with a joint task force identifying 14,200 related posts. MI5 raised the national terrorism threat level to severe in May, citing online radicalization and threats to specific communities amid Middle East tensions.

The bill also paves the way for long-anticipated reforms to the 1990 Computer Misuse Act to better counter modern cyber threats. Separately, a complementary bill under review seeks to “improve cyber security and resilience” by expanding the UK’s cybersecurity framework across more sectors as attack volumes grow.

If enacted, the legislation would mark one of the most significant overhauls of the UK’s national security and cyber defense posture in decades.

ServiceNow discloses security incident

Naushad K. Cherrayil
-
0
ServiceNow discloses security incident
  • Company has pushed a security update to hosted customers after detecting anomalous activity and said some customers experienced successful queries against instance tables.

American software giant ServiceNow said it has addressed a security incident that allowed unauthenticated users, in certain circumstances, to access customer instances beyond intended permissions.

The company confirmed it pushed a security update to hosted customers after detecting anomalous activity and said some customers experienced successful queries against instance tables.

In customer notifications seen by users, ServiceNow said the issue affected organisations on its Australia platform release or those that made specific configuration changes on earlier releases.

The company has begun notifying customers where successful queries were observed and is continuing to assess the scope of impact. ServiceNow has not specified what types of data may have been exposed.

Unauthorised access

Users on a ServiceNow-focused Reddit forum alleged the company may have known about the vulnerability since at least April 7. One user claimed that after alerting ServiceNow’s support, agents initially suggested closing the case before internal problem records indicated prior awareness. ServiceNow has not publicly confirmed these claims and is still evaluating whether to publish a CVE for the issue.

The incident follows recent security findings involving ServiceNow platforms. Earlier this year, researchers detailed “BodySnatcher,” a vulnerability affecting the company’s Virtual Agent API and Now Assist AI Agents, and in 2023 separate research highlighted a flaw that could have enabled unauthorised access.

ServiceNow advised affected customers to review logs for unusual queries, validate configurations—particularly on the Australia release—rotate credentials and API tokens, and tighten access controls while monitoring for further guidance.

123...270Page 1 of 270