Digital battlefield: Data dominance, codebreaking and the roots of information warfare https://etimg.etb2bimg.com/thumb/msid-125684785,imgsize-255746,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/digital-battlefield-data-dominance-codebreaking-and-the-roots-of-information-warfare.jpg Negligence in data handling leads to large scale data exposure, enabling malicious actors to exploit leaked data for committing fraud, blackmail or identity theft triggering penal statutes. Data is often described as the ‘new oil’ – a strategic asset central to the survival of individuals, corporations or even ...

ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories https://firewalls.firm.in/wp-content/uploads/2025/11/threatsday.jpg Nov 27, 2025Ravie LakshmananCybersecurity / Hacking News Hackers have been busy again this week. From fake voice calls and AI-powered malware to huge money-laundering busts and new scams, there’s a lot happening in the cyber world. Criminals are getting creative — using smart ...

Comcast to pay $1.5 million US fine after vendor data breach https://etimg.etb2bimg.com/thumb/msid-125554889,imgsize-65124,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/comcast-to-pay-1-5-million-us-fine-after-vendor-data-breach.jpg Comcast will pay a $1.5 million fine after a vendor breach exposed personal data from 237,000 current and former customers, the Federal Communications Commission said on Monday. The FCC said a debt collector used by Comcast until 2022, Financial Business and Consumer Solutions, suffered a 2024 data breach ...

JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers https://firewalls.firm.in/wp-content/uploads/2025/11/update-windows.jpg Cybersecurity researchers are calling attention to a new campaign that’s leveraging a combination of ClickFix lures and fake adult websites to deceive users into running malicious commands under the guise of a “critical” Windows security update. “Campaign leverages fake adult websites (xHamster, PornHub clones) as its ...

Clearview AI faces criminal complaint in Austria for suspected privacy violations https://etimg.etb2bimg.com/thumb/msid-124886388,imgsize-24704,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/clearview-ai-faces-criminal-complaint-in-austria-for-suspected-privacy-violations.jpg An Austrian privacy group has filed a criminal complaint against Clearview AI. Austrian privacy group noyb said on Tuesday it has filed a criminal complaint in Austria, accusing US-based Clearview AI of illegally collecting photos and videos of European Union residents to build its facial-recognition database. Noyb said ...

New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions https://firewalls.firm.in/wp-content/uploads/2025/11/bit-main.jpg Nov 24, 2025Ravie LakshmananVulnerability / Container Security Cybersecurity researchers have discovered five vulnerabilities in Fluent Bit, an open-source and lightweight telemetry agent, that could be chained to compromise and take over cloud infrastructures. The security defects “allow attackers to bypass authentication, perform path traversal, achieve remote code ...

Festive deals or digital traps? How cybercriminals are mimicking brands to dupe shoppers https://etimg.etb2bimg.com/thumb/msid-124976178,imgsize-29752,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/festive-deals-or-digital-traps-how-cybercriminals-are-mimicking-brands-to-dupe-shoppers.jpg Cybercrime (Representative Image) As India’s festive shopping peaks during this quarter of the year across digital and omnichannel retail, cybercriminals are finding new ways to exploit shoppers’ excitement and urgency. Fake QR codes, malicious payment links, and AI-generated brand impersonations are becoming increasingly common. Karthik Krishnan, ...

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation https://firewalls.firm.in/wp-content/uploads/2025/11/grafana.jpg Nov 21, 2025Ravie LakshmananVulnerability / Threat Mitigation Grafana has released security updates to address a maximum severity security flaw that could allow privilege escalation or user impersonation under certain configurations. The vulnerability, tracked as CVE-2025-41115, carries a CVSS score of 10.0. It resides in the System for Cross-domain ...

Indian firms exposed to critical risks but few quantify them https://etimg.etb2bimg.com/thumb/msid-125452461,imgsize-16602,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/indian-firms-exposed-to-critical-risks-but-few-quantify-them.jpg Indian companies are confronting a rapidly evolving risk environment dominated by cyber threats, regulatory pressure, economic volatility and workforce challenges, yet only a small fraction are using data and analytics to measure their exposures or evaluate whether their insurance programmes are delivering value, a survey by professional consultancy firm ...

ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet https://firewalls.firm.in/wp-content/uploads/2025/11/clusture-hacking.jpg Nov 20, 2025Ravie LakshmananVulnerability / Cloud Computing Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) framework to turn infected clusters with NVIDIA GPUs into a self-replicating cryptocurrency mining botnet. The activity, codenamed ShadowRay 2.0, is an ...