CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue https://firewall.firm.in/wp-content/uploads/2026/06/ptc.jpg Ravie LakshmananJun 26, 2026Vulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) software to its Known ...
Read More »Cyber Security News
Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs
Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs https://firewall.firm.in/wp-content/uploads/2026/06/aws.jpg Swati KhandelwalJun 26, 2026AI Security / Vulnerability A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer’s cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon has ...
Read More »New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries https://firewall.firm.in/wp-content/uploads/2026/06/linux-cow.jpg Swati KhandelwalJun 26, 2026Linux / Vulnerability A flaw in the Linux kernel’s traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed “pedit COW,” is an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory. A public, working exploit appeared within ...
Read More »New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks
New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks https://firewall.firm.in/wp-content/uploads/2026/06/shark.jpg A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromised hosts. Kaspersky, which is tracking the activity under the moniker StrikeShark, said the campaign has targeted a diplomatic organization in Indonesia, ...
Read More »FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys
FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys https://firewall.firm.in/wp-content/uploads/2026/06/signal-phishing.jpg Swati KhandelwalJun 26, 2026Secure Messaging / Social Engineering The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now coax targets into handing over their Signal Backup Recovery Key. Hand it over once, and the attacker can restore ...
Read More »OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards
OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards https://firewall.firm.in/wp-content/uploads/2026/06/gpt.jpg OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part of an ongoing engagement with the U.S. government. While Sol is the latest flagship model and the most powerful, Terra strikes a balance ...
Read More »Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials
Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials https://firewall.firm.in/wp-content/uploads/2026/06/cyberattack.jpg Ravie LakshmananJun 27, 2026Messaging Security / Cyber Espionage The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated by Russian intelligence services to break into the messaging accounts of government officials, military personnel, politicians, and ...
Read More »From Cybersecurity Jargon to Business Impact, ETCISO
From Cybersecurity Jargon to Business Impact, ETCISO The relationship between CEOs and CISOs is undergoing a fundamental transformation, with security leaders now expected to articulate cyber risk in direct business terms such as financial impact, resilience readiness, and fraud exposure rather than technical security metrics. Speaking at ET CISO Decrypt 2026, Pravin Kumar, CMISO at NPCI, noted that boardroom conversations ...
Read More »When the breach doesn’t happen, the real warning begins
When the breach doesn’t happen, the real warning begins https://etimg.etb2bimg.com/thumb/msid-131169830,imgsize-6906,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/when-the-breach-doesnt-happen-the-real-warning-begins.jpg In cybersecurity, the incident that makes headlines is usually the one that succeeds. The ransomware spreads, the systems go down, the data leaks, and the postmortem begins. But some of the most important warnings arrive earlier, in quieter form. A phishing payload slips through but gets stopped on execution. A ...
Read More »Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign
Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign [og_img] A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks aimed at government entities and critical infrastructure in Southeast Asia. The activity, particularly aimed at state-owned enterprises in the energy and government sectors, has been attributed to ...
Read More »
Firewall Security Company India Complete Firewall Security Solutions Provider Company in India











