Tenable exposes AI flaws in Google gemini that could have let hackers steal data from millions https://etimg.etb2bimg.com/thumb/msid-124284799,imgsize-39892,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/google-gemini-ai-vulnerabilities-exposed-by-tenable.jpg Tenable, the exposure management company, has identified three vulnerabilities in Google’s Gemini suite, collectively dubbed the Gemini Trifecta. These flaws, now remediated, exposed users to significant privacy risks that could have enabled attackers to manipulate Gemini’s behavior and silently steal sensitive data such ...

Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware https://firewall.firm.in/wp-content/uploads/2025/09/chinese-hackerss.jpg Sep 30, 2025Ravie LakshmananCyber Espionage / Malware Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years. “Phantom Taurus’ main focus areas include ministries of foreign affairs, ...

App targeting Charlie Kirk critics leaks user data in huge privacy breach https://etimg.etb2bimg.com/thumb/msid-124082696,imgsize-1472979,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/app-targeting-charlie-kirk-critics-leaks-user-data-in-huge-privacy-breach.jpg Charlie Kirk critics app privacy breach: An app created to track people accused of criticizing conservative activist Charlie Kirk has been taken offline after a serious privacy breach exposed its own users’ personal information, as per a report. Cancel the Hate App Launched After Charlie Kirk’s Assassination ...

Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security https://firewall.firm.in/wp-content/uploads/2025/09/bmc-exploit.jpg Sep 23, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image. The medium-severity vulnerabilities, ...

Beware of apk files of traffic challans: Cops https://etimg.etb2bimg.com/thumb/msid-123899848,imgsize-16894,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/beware-of-apk-files-of-traffic-challans-cops.jpg Madurai: Madurai rural district cyber crime police have asked the public to be vigilant against scammers sending apk files for traffic challans and banking KYC updates, or even updates for govt schemes and EB bill payment. Police said that recently, there have been cases of people losing money afters scammers hacked ...

U.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UN https://firewall.firm.in/wp-content/uploads/2025/09/sim.jpg Sep 23, 2025Ravie LakshmananNational Security / Threat Intelligence The U.S. Secret Service on Tuesday said it took down a network of electronic devices located across the New York tri-state area that were used to threaten U.S. government officials and posed an imminent threat to national ...

South Korea: Presidential office to unveil cybersecurity measures following hacking incidents https://etimg.etb2bimg.com/thumb/msid-124060607,imgsize-12854,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/south-koreas-presidential-office-unveils-comprehensive-cybersecurity-measures-to-combat-hacking.jpg Seoul, The presidential Office of National Security said Monday it will come up with “comprehensive” measures to prevent further hacking incidents following a series of security breaches at mobile carriers and a credit card issuer. The presidential office said it has been in consultations with relevant ministry officials ...

SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw https://firewall.firm.in/wp-content/uploads/2025/09/solar.jpg Sep 23, 2025Ravie LakshmananVulnerability / Data Security SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could allow attackers to execute arbitrary commands on susceptible systems. The vulnerability, tracked as CVE-2025-26399 (CVSS score: 9.8), has been described ...

Microsoft seizes 340 websites linked to growing phishing subscription service https://etimg.etb2bimg.com/thumb/msid-123934450,imgsize-153868,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/microsoft-seizes-340-websites-linked-to-growing-phishing-subscription-service.jpg Microsoft logo is seen through broken glass in this illustration taken, January 25, 2023. By AJ Vicens Microsoft Inc said on Tuesday that it seized nearly 340 websites tied to a rapidly growing Nigerian-based service that allowed users to carry out phishing operations that stole at least 5,000 Microsoft ...

ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks https://firewall.firm.in/wp-content/uploads/2025/09/pdf-malware.jpg Organizations in Belarus, Kazakhstan, and Russia have emerged as the target of a phishing campaign undertaken by a previously undocumented hacking group called ComicForm since at least April 2025. The activity primarily targeted industrial, financial, tourism, biotechnology, research, and trade sectors, cybersecurity company F6 said in an analysis published ...