These OnePlus smartphones may be leaking your SMS messages to hackers https://etimg.etb2bimg.com/thumb/msid-124176116,imgsize-24140,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/these-oneplus-smartphones-may-be-leaking-your-sms-messages-to-hackers.jpg OnePlus smartphones running OxygenOS versions 12 through 15 contain a critical security vulnerability that allows malicious apps to read and send SMS messages without user permission, cybersecurity firm Rapid7 revealed this week. The flaw, tracked as CVE-2025-10184 with a severity score of 8.2 out of 10, potentially affects ...

Newly Patched Critical Microsoft WSUS Flaw Comes Under Active Exploitation https://firewalls.firm.in/wp-content/uploads/2025/10/windows-update.jpg Oct 24, 2025Ravie LakshmananVulnerability / Network Security Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with a proof-of-concept (Poc) exploit publicly available and has come under active exploitation in the wild. The vulnerability in question is CVE-2025-59287 (CVSS score: 9.8), ...

OpenAI’s new AI-powered web browser ChatGPT Atlas, may have a cybersecurity warning https://etimg.etb2bimg.com/thumb/msid-124776094,imgsize-303802,width-1200,height=627,overlay-etciso,resizemode-75/cybercrime-fraud/openais-new-ai-powered-web-browser-chatgpt-atlas-may-have-a-cybersecurity-warning.jpg Cybersecurity experts have warned that OpenAI’s new ChatGPT Atlas browser could be vulnerable to attacks. Hackers can use this security flaw to turn AI assistants against users, potentially enabling theft of sensitive data or unauthorised access to bank accounts, experts claimed. The primary concern is “prompt injection,” ...

Cybersecurity compliance becomes business critical for India’s MSMEs, ETCISO The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology, implemented a landmark directive mandating annual cybersecurity audits for all Micro, Small, and Medium Enterprises (MSMEs). This directive requires MSMEs to undergo annual audits conducted by CERT-In empanelled firms, and implement 15 essential cybersecurity controls. This ...

Canada’s WestJet says some passenger data exposed in cybersecurity breach https://etimg.etb2bimg.com/thumb/msid-124247093,imgsize-964241,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/canadas-westjet-says-some-passenger-data-exposed-in-cybersecurity-breach.jpg Canadian carrier WestJet said on Monday the personal information of some passengers was exposed in a cybersecurity breach earlier this year, though no payment data was compromised. The airline said it detected suspicious activity on June 13 and later determined that a “sophisticated, criminal third party” had gained unauthorized ...

Self-Spreading ‘GlassWorm’ Infects VS Code Extensions in Widespread Supply Chain Attack https://firewalls.firm.in/wp-content/uploads/2025/10/code-vscode.jpg Oct 24, 2025Ravie LakshmananDevOps / Malware Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, underscoring how developers have become a prime target for attacks. The sophisticated threat, codenamed GlassWorm by ...

OpenAI to offer UK data residency driven by government partnership https://etimg.etb2bimg.com/thumb/msid-124752531,imgsize-50480,width-1200,height=627,overlay-etciso,resizemode-75/ot-security/openai-to-offer-uk-data-residency-driven-by-government-partnership.jpg OpenAI will offer Britain’s government and businesses an opportunity to store data in the UK from Friday, helping unlock the potential of AI for more companies and public services, Deputy Prime Minister David Lammy will announce on Thursday. The plan, secured through OpenAI’s partnership with the Ministry of Justice ...

RBI, TRAI & BRDCMS, ETCISO The digital transformation of India is evolving at a rapid rate. With this development, multiple regulatory bodies are converging on a unified approach to consent management. The Digital Lending Guidelines of the Reserve Bank of India (RBI), the pilot project for digital consent management in partnership with RBI and banks as published by the Telecom ...

Google warns companies: Your top executives may get extortion emails https://etimg.etb2bimg.com/thumb/msid-124282446,imgsize-1789114,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/google-warns-companies-your-top-executives-may-get-extortion-emails.jpg Alphabet’s Google has warned that hackers are sending extortion emails to executives at several organizations, reports news agency Reuters. The hackers, as per the report, are claiming to have stolen sensitive data from Oracle business applications. In a statement, Google said that the messages are part of an ongoing ...

Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams https://firewalls.firm.in/wp-content/uploads/2025/10/spam.jpg Oct 21, 2025Ravie LakshmananCryptocurrency / Encryption Meta on Tuesday said it’s launching new tools to protect Messenger and WhatsApp users from potential scams. To that end, the company said it’s introducing new warnings on WhatsApp when users attempt to share their screen with an unknown contact ...