Breach reporting, big penalties: Will DPDP act transform data safety? https://etimg.etb2bimg.com/thumb/msid-125375609,imgsize-7784,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/dpdp-act-a-game-changer-for-data-safety-in-india.jpg When the government notified the final rules of the Data Privacy and Protection Act (DPDP Act) yesterday, it did more than activate a long-anticipated law. It marked India’s most assertive step yet toward tackling the nation’s fastest-rising digital threat: data-driven cybercrime. India now registers one of the sharpest increases ...

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet https://firewalls.firm.in/wp-content/uploads/2025/11/botnet.jpg Nov 15, 2025Ravie LakshmananMalware / Vulnerability The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that could allow attackers to achieve arbitrary code execution. The vulnerability in question is CVE-2025-24893 (CVSS score: 9.8), an eval injection bug that ...

ATT data breach settlement: Who is eligible and how to receive up to $7500 https://etimg.etb2bimg.com/thumb/msid-125316067,imgsize-34544,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/att-data-breach-settlement-who-is-eligible-and-how-to-receive-up-to-7500.jpg AT&T data breach settlement claims are closing soon, and millions of customers could receive payments of up to $7,500 from the massive $177 million settlement, making this one of the most urgent consumer deadlines of the year. AT&T customers in both data leaks are rushing ...

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks https://firewalls.firm.in/wp-content/uploads/2025/11/1000033960.jpg Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang. “These vulnerabilities all traced back to the same root cause: the overlooked unsafe use of ZeroMQ ...

Tracking whatever you do: IIT study finds Android apps are gathering far more information than users think https://etimg.etb2bimg.com/thumb/msid-125046682,imgsize-67480,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/tracking-whatever-you-do-iit-study-finds-android-apps-are-gathering-far-more-information-than-users-think.jpg A new study by IIT Delhi has found that Android apps with precise location access can gather far more information than users expect by analysing low-level GPS signals. The research shows that apps can infer whether a person is indoors or outdoors, ...

Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests’ Payment Data https://firewalls.firm.in/wp-content/uploads/2025/11/travel-sites.jpg A Russian-speaking threat behind an ongoing, mass phishing campaign has registered more than 4,300 domain names since the start of the year. The activity, per Netcraft security researcher Andrew Brandt, is designed to target customers of the hospitality industry, specifically hotel guests who may have travel ...

Gen-AI, data growth and insider risk fuel new data security threats https://etimg.etb2bimg.com/thumb/msid-125149351,imgsize-9434,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/gen-ai-data-growth-and-insider-risk-fuel-new-data-security-threats.jpg Proofpoint, Inc. released its second annual Data Security Landscape report, finding that organizations continue to face widespread data loss as they struggle to protect sensitive information amid rapid data growth, AI adoption, and the rise of AI agents in the workplace. The report, based on insights from 1,000 ...

 Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform https://firewalls.firm.in/wp-content/uploads/2025/11/google-phishing.jpg Nov 12, 2025Ravie LakshmananCybercrime / Malware Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that has ensnared over 1 million users across 120 countries. The ...

Finextra & Cloudera: 91% say hybrid AI is the new finance standard https://etimg.etb2bimg.com/thumb/msid-125264509,imgsize-10438,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/finextra-cloudera-91-say-hybrid-ai-is-the-new-finance-standard.jpg Cloudera, in partnership with Finextra Research, published a global report based on a survey of 155 executives and leaders worldwide. The findings indicate hybrid AI deployment is an important strategy in the financial services industry, with 91% of organizations rating a hybrid approach as highly valuable. The ...

WhatsApp Malware ‘Maverick’ Hijacks Browser Sessions to Target Brazil’s Biggest Banks https://firewalls.firm.in/wp-content/uploads/2025/11/whatsapp-web.jpg Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp. According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and feature identical functionality to ...