Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers https://firewalls.firm.in/wp-content/uploads/2025/10/nodejs-malware.jpg Oct 10, 2025Ravie LakshmananRansomware / Data Theft Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js’ Single Executable Application (SEA) feature as a way to distribute its payloads. According to Fortinet FortiGuard Labs, select iterations have also employed the open-source ...

C-Suite’s rush to AI blinds leadership to critical security failures, leaving organisations exposed https://etimg.etb2bimg.com/thumb/msid-124332614,imgsize-616410,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/c-suites-rush-to-ai-blinds-leadership-to-critical-security-failures.jpg As organisations aggressively pursue technologies like artificial intelligence, a dangerous disconnect is growing between innovation and security. Data from Tenable’s State of Cloud and AI Security 2025 report reveals that critical strategic errors – from a reliance on outdated assumptions to the use of purely reactive ...

New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise https://firewalls.firm.in/wp-content/uploads/2025/10/ai-data-leak.jpg For years, security leaders have treated artificial intelligence as an “emerging” technology, something to keep an eye on but not yet mission-critical. A new Enterprise AI and SaaS Data Security Report by AI & Browser Security company LayerX proves just how outdated that mindset has become. ...

Tenable exposes AI flaws in Google gemini that could have let hackers steal data from millions https://etimg.etb2bimg.com/thumb/msid-124284799,imgsize-39892,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/google-gemini-ai-vulnerabilities-exposed-by-tenable.jpg Tenable, the exposure management company, has identified three vulnerabilities in Google’s Gemini suite, collectively dubbed the Gemini Trifecta. These flaws, now remediated, exposed users to significant privacy risks that could have enabled attackers to manipulate Gemini’s behavior and silently steal sensitive data such ...

Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware https://firewall.firm.in/wp-content/uploads/2025/09/chinese-hackerss.jpg Sep 30, 2025Ravie LakshmananCyber Espionage / Malware Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years. “Phantom Taurus’ main focus areas include ministries of foreign affairs, ...

App targeting Charlie Kirk critics leaks user data in huge privacy breach https://etimg.etb2bimg.com/thumb/msid-124082696,imgsize-1472979,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/app-targeting-charlie-kirk-critics-leaks-user-data-in-huge-privacy-breach.jpg Charlie Kirk critics app privacy breach: An app created to track people accused of criticizing conservative activist Charlie Kirk has been taken offline after a serious privacy breach exposed its own users’ personal information, as per a report. Cancel the Hate App Launched After Charlie Kirk’s Assassination ...

Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security https://firewall.firm.in/wp-content/uploads/2025/09/bmc-exploit.jpg Sep 23, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image. The medium-severity vulnerabilities, ...

Beware of apk files of traffic challans: Cops https://etimg.etb2bimg.com/thumb/msid-123899848,imgsize-16894,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/beware-of-apk-files-of-traffic-challans-cops.jpg Madurai: Madurai rural district cyber crime police have asked the public to be vigilant against scammers sending apk files for traffic challans and banking KYC updates, or even updates for govt schemes and EB bill payment. Police said that recently, there have been cases of people losing money afters scammers hacked ...

U.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UN https://firewall.firm.in/wp-content/uploads/2025/09/sim.jpg Sep 23, 2025Ravie LakshmananNational Security / Threat Intelligence The U.S. Secret Service on Tuesday said it took down a network of electronic devices located across the New York tri-state area that were used to threaten U.S. government officials and posed an imminent threat to national ...

South Korea: Presidential office to unveil cybersecurity measures following hacking incidents https://etimg.etb2bimg.com/thumb/msid-124060607,imgsize-12854,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/south-koreas-presidential-office-unveils-comprehensive-cybersecurity-measures-to-combat-hacking.jpg Seoul, The presidential Office of National Security said Monday it will come up with “comprehensive” measures to prevent further hacking incidents following a series of security breaches at mobile carriers and a credit card issuer. The presidential office said it has been in consultations with relevant ministry officials ...