How to Protect Your SaaS from Bot Attacks with SafeLine WAF https://firewalls.firm.in/wp-content/uploads/2026/03/safeline.jpg Most SaaS teams remember the day their user traffic started growing fast. Few notice the day bots started targeting them. On paper, everything looks great: more sign-ups, more sessions, more API calls. But in reality, something feels off: Sign-ups increase, but users aren’t activating. Server costs rise faster ...

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement https://firewalls.firm.in/wp-content/uploads/2026/03/gemini.jpg New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private data. The findings come from Truffle Security, which discovered nearly 3,000 Google API keys (identified by ...

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket https://firewalls.firm.in/wp-content/uploads/2026/03/opem.jpg OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a locally running artificial intelligence (AI) agent and take over control. “Our vulnerability lives in the core system itself – no plugins, no marketplace, no user-installed extensions ...

RBI summons executives over forex card breach https://etimg.etb2bimg.com/thumb/msid-128873075,imgsize-98498,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/rbi-summons-executives-over-forex-card-breach.jpg The Reserve Bank of India (RBI) has summoned senior officials of Yes Bank following a significant data breach involving the Yes Bank-BookMyForex multi-currency forex card, two people aware of the development told ET. Card details and CVV numbers of several users were allegedly compromised. The central bank has sought a detailed explanation ...

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks https://firewalls.firm.in/wp-content/uploads/2026/02/keys.jpg Ravie LakshmananFeb 27, 2026Malware / Surveillance The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive for command-and-control (C2) communications to fetch more payloads and an implant that uses removable media to relay commands ...

Identity Prioritization isn’t a Backlog Problem – It’s a Risk Math Problem https://firewalls.firm.in/wp-content/uploads/2026/02/main.gif Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what failed a control check.” That approach breaks the moment your environment stops being mostly-human and mostly-onboarded. In modern enterprises, identity risk is created by a compound of factors: control posture, ...

The misplaced trust in hashing as a privacy safeguard https://etimg.etb2bimg.com/thumb/msid-127922907,imgsize-2078872,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/hashing-the-illusion-of-privacy-in-data-sharing.jpg Across industries, hashing has become the default mechanism for “privacy-safe” data collaboration. From advertising to financial services, organisations routinely share and compare hashed identifiers, such as phone numbers or email addresses, under the assumption that hashing renders personal data effectively anonymous. That assumption is increasingly being challenged. Recent demonstrations by ...

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors https://firewalls.firm.in/wp-content/uploads/2026/02/TELECOM.jpg The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan, marking a shift from prior attacks aimed at Saudi Arabian entities. The attacks involve the deployment of two distinct backdoors codenamed LuciDoor and MarsSnake, according to a report published by Positive Technologies ...

India in talks with 30+ nations to curb AI misuse https://etimg.etb2bimg.com/thumb/msid-128447441,imgsize-63784,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/india-in-talks-with-30-nations-to-curb-ai-misuse.jpg Electronics and IT minister Ashwini Vaishnaw on Monday said India is in discussions with ministers from over 30 countries to develop common technical and legal solutions to tackle the misuse of AI in media, as deepfakes and synthetic content pose growing risks to trust, democracy and creative industries. At ...

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More https://firewalls.firm.in/wp-content/uploads/2026/02/cyber-recap.jpg Ravie LakshmananFeb 23, 2026Cybersecurity / Hacking Security news rarely moves in a straight line. This week, it feels more like a series of sharp turns, some happening quietly in the background, others playing out in public view. The details are different, but the pressure points are ...