PSU banks counting on QR-based payments to breach a fintech fort https://etimg.etb2bimg.com/thumb/msid-127096944,imgsize-2682554,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/psu-banks-counting-on-qr-based-payments-to-breach-a-fintech-fort.jpg Public sector banks, refusing to be outdone by their privately owned peers, are increasingly getting into QR-code led merchant payments, finally breaching the citadel of fintechs such as BharatPe, PhonePe and Paytm. Industry insiders told ET that over the past one year, private banks such as ICICI Bank, ...

Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations https://firewalls.firm.in/wp-content/uploads/2026/01/fortinet.jpg Ravie LakshmananJan 22, 2026Network Security / Vulnerability Cybersecurity company Arctic Wolf has warned of a “new cluster of automated malicious activity” that involves unauthorized firewall configuration changes on Fortinet FortiGate devices. The activity, it said, commenced on January 15, 2026, adding it shares similarities with a December 2025 campaign ...

Telcos back SIM-binding order, dismisses privacy concerns https://etimg.etb2bimg.com/thumb/msid-125902046,imgsize-126570,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/telcos-back-sim-binding-order-dismisses-privacy-concerns.jpg Mumbai: The telecom operators have reiterated their support for Department of Telecommunications (DoT) directive on SIM-binding for messaging apps like Whatsapp, Telegram etc, dismissing concerns about user convenience and privacy as “misplaced narratives.” The DoT in its November 28 order, directed app-based communication services including WhatsApp, Telegram, and Signal to ensure continuous ...

Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws https://firewalls.firm.in/wp-content/uploads/2026/01/zoom-gitlab.jpg Ravie LakshmananJan 21, 2026Vulnerability / Network Security Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of-service (DoS) and remote code execution. The most severe of the lot is a critical security flaw impacting Zoom Node Multimedia ...

Instagram data breach scare: Over 17 million users hit by sudden and unexpected password reset emails https://etimg.etb2bimg.com/thumb/msid-126474672,imgsize-26842,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/instagram-data-breach-scare-over-17-million-users-hit-by-sudden-and-unexpected-password-reset-emails.jpg Were 17 million Instagram accounts compromised in a recent security incident? Concerns surfaced last week after several users reported receiving unexpected password reset emails, triggering fears of a possible data breach. Cybersecurity firm Malwarebytes suggested the activity was connected to an incident that ...

North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews https://firewalls.firm.in/wp-content/uploads/2026/01/hackers.jpg As many as 3,136 individual IP addresses linked to likely targets of the Contagious Interview activity have been identified, with the campaign claiming 20 potential victim organizations spanning artificial intelligence (AI), cryptocurrency, financial services, IT services, marketing, and software development sectors in Europe, South Asia, the Middle ...

American billionaire Mark Cuban has a warning on AI chatbots for CEOs https://etimg.etb2bimg.com/thumb/msid-126496122,imgsize-209851,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/mark-cuban-warns-ceos-the-risks-and-opportunities-of-ai-chatbots.jpg American billionaire investor Mark Cuban has now issued a stark warning for business leaders about the risks and opportunities of artificial intelligence. Along with this, Cuban has also cautioned that while AI can transform companies, its careless use could expose valuable intellectual property. Speaking during a call ...

LastPass Warns of Fake Maintenance Messages Targeting Users’ Master Passwords https://firewalls.firm.in/wp-content/uploads/2026/01/lastpass.jpg Ravie LakshmananJan 21, 2026Email Security / Malware LastPass is alerting users to a new active phishing campaign that’s impersonating the password management service, which aims to trick users into giving up their master passwords. The campaign, which began on or around January 19, 2026, involves sending phishing emails claiming ...

India’s breach brief: 5 structural security failures CISOs can no longer ignore https://etimg.etb2bimg.com/thumb/msid-126920644,imgsize-333856,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/indias-data-breach-crisis-5-critical-security-missteps-every-ciso-must-address.jpg India’s wave of high-profile data breaches isn’t the work of a new breed of hackers, it’s a failure of technology management. The same mistakes were made over and over: misconfigurations, poor oversight, and misplaced trust. These breaches didn’t stem from sophisticated attacks but from fundamental flaws in ...

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution https://firewalls.firm.in/wp-content/uploads/2026/01/git-ai-flaw.jpg Ravie LakshmananJan 20, 2026Vulnerability / Artificial Intelligence A set of three security vulnerabilities has been disclosed in mcp-server-git, the official Git Model Context Protocol (MCP) server maintained by Anthropic, that could be exploited to read or delete arbitrary files and execute code under certain conditions. “These ...