Anthropic leak exposes Claude Code source https://etimg.etb2bimg.com/thumb/msid-130070794,imgsize-17066,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/anthropic-leak-exposes-claude-code-source.jpg American AI company Anthropic has been one of the most-vocal supporters of banning export of American AI software and hardware to China. So much so that it’s CEO Dario Amodei has called China an adversarial nation” on numerous occasions. Like Microsoft-backed OpenAI and Alphabet’s Google, Anthropic has not made its services available in ...

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution https://firewalls.firm.in/wp-content/uploads/2026/05/exim.jpg Ravie LakshmananMay 12, 2026Vulnerability / Email Security Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent (MTA) designed for Unix-like systems to receive, route, and deliver email. ...

IMF warns of ‘inevitable’ AI-powered threats to global financial system https://etimg.etb2bimg.com/thumb/msid-130946582,imgsize-134132,width-1200,height=627,overlay-etciso,resizemode-75/cybercrime-fraud/imf-warns-of-inevitable-ai-powered-threats-to-global-financial-system.jpg The International Monetary Fund (IMF) warned on Thursday of the risks to global financial stability posed by cyberattacks powered by advanced artificial intelligence tools, calling for greater international cooperation on the issue. “IMF analysis suggests that extreme cyber-incident losses could trigger funding strains, raise solvency concerns, and disrupt broader ...

The Future of Cyber Protection, ETCISO Endpoint security was originally designed around a fairly controlled setup. Work happened within defined office environments, devices were centrally managed, and network perimeters acted as the primary control layer. Security strategies relied on network-based controls, static policies applied within known environments, and limited variability in user behaviour and device usage. That model does not ...

Vercel data breach: How hackers targeted the cloud company and offered its data for sale for $2 million https://etimg.etb2bimg.com/thumb/msid-130431427,imgsize-5766,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/vercel-data-breach-how-hackers-targeted-the-cloud-company-and-offered-its-data-for-sale-for-2-million.jpg American cloud development platform Vercel on Sunday confirmed a security breach allowing an attacker to gain unauthorised access to data for a “limited subset of customers”. “We’ve identified a security incident that involved unauthorized access to certain internal Vercel systems. We ...

Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks https://firewalls.firm.in/wp-content/uploads/2026/05/vishing.jpg Ravie LakshmananMay 01, 2026Malware / Social Engineering Cybersecurity researchers are warning of two cybercrime groups that are carrying out “rapid, high-impact attacks” operating almost within the confines of SaaS environments, while leaving minimal traces of their actions. The clusters, Cordial Spider (aka BlackFile, CL-CRI-1116, O-UNC-045, and UNC6671) ...

SEBI issues administrative warning to Aditya Birla Money over cybersecurity lapses https://etimg.etb2bimg.com/thumb/msid-130595319,imgsize-23988,width-1200,height=627,overlay-etciso,resizemode-75/cybercrime-fraud/sebi-issues-administrative-warning-to-aditya-birla-money-over-cybersecurity-lapses.jpg Markets regulator Securities and Exchange Board of India (SEBI) has issued an administrative warning to Aditya Birla Money following a thematic inspection conducted in February 2026, the company said in a regulatory filing on Tuesday. “SEBI has raised observations related to cyber security and cyber resilience and technical ...

Why data theft has outpaced backup-led defense, ETCISO Across India and the globe, the ransomware threat model has apparently shifted from system disruption to data exploitation. Encryption is now only one stage in a much broader attack chain that includes data exfiltration and coercion. This automatically renders traditional backup strategies insufficient as a standalone safeguard. Once a disruption-focused threat, ransomware ...

US security company ADT confirms hacking incident, says some customer data stolen https://etimg.etb2bimg.com/thumb/msid-130543679,imgsize-86843,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/us-security-company-adt-confirms-hacking-incident-says-some-customer-data-stolen.jpg ADT, one of the largest home security providers in the US, has confirmed that hackers successfully broke into its systems and stole customer information like their phone numbers and addresses. The announcement comes as a notorious extortion group, known as ShinyHunters, threatens to leak millions of records ...

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure https://firewalls.firm.in/wp-content/uploads/2026/04/lmdeploy.png A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation in the wild less than 13 hours after its public disclosure. The vulnerability, tracked as CVE-2026-33626 (CVSS score: 7.5), relates to a Server-Side Request Forgery (SSRF) vulnerability that could be ...