American billionaire Mark Cuban has a warning on AI chatbots for CEOs https://etimg.etb2bimg.com/thumb/msid-126496122,imgsize-209851,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/mark-cuban-warns-ceos-the-risks-and-opportunities-of-ai-chatbots.jpg American billionaire investor Mark Cuban has now issued a stark warning for business leaders about the risks and opportunities of artificial intelligence. Along with this, Cuban has also cautioned that while AI can transform companies, its careless use could expose valuable intellectual property. Speaking during a call ...

LastPass Warns of Fake Maintenance Messages Targeting Users’ Master Passwords https://firewalls.firm.in/wp-content/uploads/2026/01/lastpass.jpg Ravie LakshmananJan 21, 2026Email Security / Malware LastPass is alerting users to a new active phishing campaign that’s impersonating the password management service, which aims to trick users into giving up their master passwords. The campaign, which began on or around January 19, 2026, involves sending phishing emails claiming ...

India’s breach brief: 5 structural security failures CISOs can no longer ignore https://etimg.etb2bimg.com/thumb/msid-126920644,imgsize-333856,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/indias-data-breach-crisis-5-critical-security-missteps-every-ciso-must-address.jpg India’s wave of high-profile data breaches isn’t the work of a new breed of hackers, it’s a failure of technology management. The same mistakes were made over and over: misconfigurations, poor oversight, and misplaced trust. These breaches didn’t stem from sophisticated attacks but from fundamental flaws in ...

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution https://firewalls.firm.in/wp-content/uploads/2026/01/git-ai-flaw.jpg Ravie LakshmananJan 20, 2026Vulnerability / Artificial Intelligence A set of three security vulnerabilities has been disclosed in mcp-server-git, the official Git Model Context Protocol (MCP) server maintained by Anthropic, that could be exploited to read or delete arbitrary files and execute code under certain conditions. “These ...

Acronis finds WhatsApp-driven Astaroth banking malware https://etimg.etb2bimg.com/thumb/msid-126526176,imgsize-45466,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/astaroth-malware-exploits-whatsapp-to-target-banking-information.jpg A new campaign involving the Astaroth banking malware highlights a shift in how financial cybercrime is being distributed. Tracked by security researchers as “Boto Cor-de-Rosa,” the campaign uses WhatsApp Web as a propagation channel, enabling the malware to automatically send infected files to a victim’s personal contacts. By exploiting trusted relationships and everyday ...

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects https://firewalls.firm.in/wp-content/uploads/2026/01/vscode.png The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio Code (VS Code) projects as lures to deliver a backdoor on compromised endpoints. The latest finding demonstrates continued evolution of the new tactic that was first discovered in December ...

Expert take: The DPDP act arrives: Are companies ready for what comes next? https://etimg.etb2bimg.com/thumb/msid-126749794,imgsize-6460770,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/understanding-indias-digital-personal-data-protection-act-are-companies-prepared.jpg Rupinder Malik, Partner at JSA India stands at a pivotal crossroad today as it navigates its fastest-growing digital economy and the operationalisation of the Digital Personal Data Protection (DPDP) Act. With over one billion internet subscribers, the nation has emerged as one of the world’s three ...

Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool https://firewalls.firm.in/wp-content/uploads/2026/01/mexc.jpg Jan 13, 2026Ravie LakshmananWeb Security / Online Fraud Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that’s capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on ...

Sebi alleges Bank of America breached rules in 2024 stock deal, document shows https://etimg.etb2bimg.com/thumb/msid-126406161,imgsize-46564,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/sebi-alleges-bank-of-america-breached-rules-in-2024-stock-deal-document-shows.jpg India’s markets regulator has accused a ⁠Bank of America (BofA) unit of violating its insider trading rules and breaking internal “Chinese walls” in connection with a 2024 share sale, a notice showed. The notice followed a Securities and Exchange Board of India (SEBI) investigation into the ...

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia https://firewalls.firm.in/wp-content/uploads/2026/01/india.jpg The threat actor known as Transparent Tribe has been attributed to a fresh set of attacks targeting Indian governmental, academic, and strategic entities with a remote access trojan (RAT) that grants them persistent control over compromised hosts. “The campaign employs deceptive delivery techniques, including a weaponized Windows shortcut ...