Chinese buses vulnerable Europe, $48M Bitcoin phishing stolen, WEF 2026 India participates – Cybersecurity News [January 23, 2025]

This is the fourth edition of the month, and here are the top cyber incidents that kept people busy last week. While Australia and Europe have discovered vulnerabilities in Chinese electric buses, South Korea lost $48 million worth of seized Bitcoin due to a phishing scam. Meanwhile, 1Password has come up with a highly effective anti-phishing feature to prevent sophisticated phishing campaigns. Also, global leaders, including India, gathered at WEF 2026 and discussed cybersecurity among other crucial topics. 

Chinese electric buses across Europe and Australia are prone to attack!

Australia has been embracing EVs since 2023 and has made significant investments in Chinese-made electric buses since then. An Australian company named Vehicle Dealers International is the only distributor of these Chinese electric buses. The main manufacturer, Yutong Bus, is based in China.

The Canberra-based public transport authority is now investigating the chances of these EVs’ involvement in national security risks. Transport Canberra allegedly believes that these electric buses may be equipped with a “kill switch” to which the Chinese Government may have complete control.

Researchers believe that these electric buses are highly susceptible to cyberattacks. 

Last year, Norway tested two bus models, and one of them was Yutong. Their findings have revealed that Yutong buses can shut down at their own discretion. Based on this, the Danish and UK governments have also started an investigation into Yutong.

Cybersecurity experts have found out that Yutong Bus can remotely access the control systems and other vital systems of these EVs. The Controller Area Network (CAN) technology is also inadequate in terms of encryption and authentication. Previously, there were safety issues with the software updates of Yutong buses, which have been fixed. But such vulnerabilities portray the inadequacy of apt cybersecurity mechanism in these foreign-based electric buses.

$48 Million worth of seized Bitcoin was stolen in a phishing scam in South Korea!

The theft took place in the Gwangju District Prosecutor’s Office. Authorities realized that $47.7 Million worth of seized Bitcoin was missing. The hackers managed to steal the Bitcoins because of a leaked password. An official revealed that it was a phishing scam and that one of the agency workers used a scam website and fell prey to the phishing attack.

The prosecutor’s office is currently conducting an in-depth investigation to monitor the situation closely and keep a tab on the location of the stolen items. For context, the Bitcoins were seized by the South Korean customs authorities after disrupting one of the biggest crypto laundering networks.

The Crypto landscape is quite vulnerable to phishing attacks. The threat actors try to gain access to a crypto wallet by spoofing genuine emails or websites. This is done to persuade the naive crypto users into sharing their personal details, like private keys.

WEF 2026 at Davos witnesses global participation from developing nations like India

Dhruv Pandit, the youngest cyberpreneur from the state of Gujarat, represented India at the global platform World Economic Forum 2026. Organized in Davos, Switzerland, this event held a critical significance for a developing nation like India. Dhruv’s participation at WEF 2026 shows India’s willingness to embrace cybersecurity and modern technologies. 

The WEF is one of the biggest global forums that marks the close cooperation between the private and public sectors. It is a platform where business, government, civil society, and academia come together to combat intricate global issues like cybersecurity and the increasing sophistication of cyberattacks. 

Global leaders and industry experts discussed the key cybersecurity trends in 2026. They believe that artificial intelligence is actually putting cybersecurity experts ahead of the cybercrooks this year. There has been a commendable growth in terms of organizations (61%) that now recognize the importance of having a proper system in place before deploying AI tools. 

Another major point of discussion at WEF 2026 was how geopolitics is defining the overall cybersecurity landscape. A massive 91% of enterprises have already tweaked their cybersecurity strategies because of the ongoing geopolitical scenario. 

1Password launches new feature to combat sophisticated phishing attacks!

1Password has rolled out an all-new anti-phishing feature. It is designed to tackle sophisticated phishing attempts. 

1Password, a password management app, believes this feature will act as “that second pair of eyes” and safeguard users by preventing them from sharing sensitive passwords with cybercriminals.

Basically, when a user clicks on a link where the saved login mismatches with the URL, 1Password will not go ahead and autofill the login credentials. However, if the user tries to manually type the login credentials, the new feature of 1Password gets into action.

The user will get to see a pop-up warning by 1Password stating that manually copying or sharing login credentials can be potentially harmful and that the user must proceed with due diligence and caution.

Generally, a user can easily ignore the carefully designed fake URLs and neglect those misspelled links out of habit. But the pop-up warning by 1Password will definitely help the user slow down, pause, and think.

For both individual and family plan users, this feature will be enabled by default. In organizations, 1Password admins get to enable the feature for the employees by visiting the 1Password Admin Console.

1Password is highly concerned about the number of phishing scams that are taking place on a daily basis. As many as 89% Americans go through phishing attempts. 61% Americans actually fall prey to phishing tactics. That’s exactly why 1Password has introduced this feature to help its users defend their data against threat actors.

The ultimate goal of this new feature by 1Password is to remind users about the risk of phishing attacks. The team believes that the only way to stay ahead of the scammers is to have clear communication, which 1Password does very well by displaying those pop-up warnings.