Urgent cyber warning for Americans: 184 million passwords leaked – ET CISO https://etimg.etb2bimg.com/thumb/msid-121561029,imgsize-82362,width-1200,height=765,overlay-etciso/data-breaches/urgent-cyber-warning-for-americans-184-million-passwords-leaked.jpg In one of the most alarming cybersecurity revelations of the decade, a massive data leak has exposed over 184 million records, including emails, passwords, and login links — all stored in plain text — according to a new report by Wired. The shocking discovery was made by ...

⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More https://firewall.firm.in/wp-content/uploads/2025/06/recap.jpg Jun 02, 2025Ravie LakshmananCybersecurity / Hacking News If this had been a security drill, someone would’ve said it went too far. But it wasn’t a drill—it was real. The access? Everything looked normal. The tools? Easy to find. The detection? Came too late. This is how ...

Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore https://firewall.firm.in/wp-content/uploads/2025/05/ransomware-crime.jpg May 28, 2025Ravie LakshmananRansomware / Data Breach An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion scheme involving the Robbinhood ransomware. Sina Gholinejad (aka Sina Ghaaf), 37, and his co-conspirators are said to have breached the computer networks ...

Will Meta lawsuits shape Africa’s data privacy laws? – ET CISO https://etimg.etb2bimg.com/thumb/msid-121305742,imgsize-443777,width-1200,height=765,overlay-etciso/data-breaches/will-meta-lawsuits-shape-africas-data-privacy-laws.jpg Highlights Meta, the parent company of Facebook, Instagram, and WhatsApp, is contesting a $220 million fine imposed by Nigeria’s Federal Competition and Consumer Protection Commission for alleged regulatory breaches, including unauthorized data sharing and market dominance abuse. Content moderators working for Majorel in Ghana have reported severe mental ...

New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency https://firewall.firm.in/wp-content/uploads/2025/05/dockers.jpg May 27, 2025Ravie LakshmananCloud Security / Threat Intelligence Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet. The attacks, designed to mine for Dero currency, is notable for its worm-like capabilities to propagate the malware to other ...

Thales 2025 report: 70% in India flag fast-moving AI as top GenAI security risk – ET CISO https://etimg.etb2bimg.com/thumb/msid-121309847,imgsize-191163,width-1200,height=765,overlay-etciso/data-breaches/thales-2025-report-70-in-india-flag-fast-moving-ai-as-top-genai-security-risk.jpg 72% of respondents in India are investing in AI-specific security tools with either new or existing budgets. In India, 68% of respondents identify future encryption compromise as one of the major concerns among quantum computing security threats. Globally, malware remains the top ...

Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware https://firewall.firm.in/wp-content/uploads/2025/05/malware-install.jpg May 25, 2025Ravie LakshmananThreat Intelligence / Software Security Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Browser to deliver the Winos 4.0 framework. The campaign, first detected by Rapid7 in February 2025, involves the ...

China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide https://firewall.firm.in/wp-content/uploads/2025/05/SAP-chinese-hackers.jpg May 13, 2025Ravie LakshmananVulnerability / Threat Intelligence A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks. “Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE),” EclecticIQ researcher Arda Büyükkaya said ...

TCS launches sovereign cloud infra designed to keep sensitive data within India’s borders – ET CISO https://etimg.etb2bimg.com/thumb/msid-120604750,imgsize-124054,width-1200,height=765,overlay-etciso/data-breaches/tcs-launches-sovereign-cloud-infra-designed-to-keep-sensitive-data-within-indias-borders.jpg Speaking on the occasion, IT secretary S. Krishnan said India generates millions and millions of terabytes and megabytes of data which is stored in multiple places not just within the country but across the world. NEW DELHI: Tata Consultancy Services (TCS) on Thursday ...

ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files https://firewall.firm.in/wp-content/uploads/2025/05/asus.jpg May 12, 2025Ravie LakshmananVulnerability / Endpoint Security ASUS has released updates to address two security flaws impacting ASUS DriverHub that, if successfully exploited, could enable an attacker to leverage the software in order to achieve remote code execution. DriverHub is a tool that’s designed to automatically detect ...