Enterprises move from securing data to proving trust: Leaders unpack the new competitive advantage at ETCISO DP&P Summit 2025 https://etimg.etb2bimg.com/thumb/msid-125930618,imgsize-88480,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/enterprises-move-from-securing-data-to-proving-trust-leaders-unpack-the-new-competitive-advantage-at-etciso-dpp-summit-2025.jpg At the ET CISO Data Protection & Privacy Summit 2025, senior leaders from fintech, insurance, banking, market infrastructure and digital identity platforms examined how trust is shifting from a moral position to a measurable business strategy. Moderated by Sneha Jha, ...

New React RSC Vulnerabilities Enable DoS and Source Code Exposure https://firewall.firm.in/wp-content/uploads/2025/12/react-flaws.jpg Dec 12, 2025Ravie LakshmananSoftware Security / Vulnerability The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure. The team said the issues were found by the security community while ...

Digital battlefield: Data dominance, codebreaking and the roots of information warfare https://etimg.etb2bimg.com/thumb/msid-125684785,imgsize-255746,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/digital-battlefield-data-dominance-codebreaking-and-the-roots-of-information-warfare.jpg Negligence in data handling leads to large scale data exposure, enabling malicious actors to exploit leaked data for committing fraud, blackmail or identity theft triggering penal statutes. Data is often described as the ‘new oil’ – a strategic asset central to the survival of individuals, corporations or even ...

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages https://firewall.firm.in/wp-content/uploads/2025/11/setuptools.jpg Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain takeover attack. Software supply chain security company ReversingLabs said it found the ...

Navigating data breach challenges in DPDP era: Retrospective risks & regulatory strains https://etimg.etb2bimg.com/thumb/msid-125499084,imgsize-14220,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/navigating-data-breach-challenges-in-dpdp-era-retrospective-risks-regulatory-strains.jpg DPDP rules mark significant milestone in India’s ongoing data protection journey India’s digital ecosystem has undergone a seismic shift with the notification of the Digital Personal Data Protection (DPDP) Rules, 2025, on November 13, 2025. As the country’s first comprehensive data privacy framework, the DPDP Act, 2023, ...

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation https://firewall.firm.in/wp-content/uploads/2025/11/grafana.jpg Nov 21, 2025Ravie LakshmananVulnerability / Threat Mitigation Grafana has released security updates to address a maximum severity security flaw that could allow privilege escalation or user impersonation under certain configurations. The vulnerability, tracked as CVE-2025-41115, carries a CVSS score of 10.0. It resides in the System for Cross-domain ...

Spain to investigate Meta for alleged Android privacy breaches https://etimg.etb2bimg.com/thumb/msid-125452475,imgsize-19560,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/spain-to-investigate-meta-for-alleged-android-privacy-breaches.jpg Spain’s parliament will investigate Meta for possible privacy violations of its Facebook and Instagram users, Spanish Prime Minister Pedro Sanchez said on Wednesday. “In Spain, the law is above any algorithm or any large technology platform. And anyone who violates our rights will pay the consequences,” Sanchez said in a ...

Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt https://firewall.firm.in/wp-content/uploads/2025/11/iran-hackers.jpg Nov 20, 2025Ravie LakshmananCyber Warfare / Threat Intelligence Threat actors with ties to Iran engaged in cyber warfare as part of efforts to facilitate and enhance physical, real-world attacks, a trend that Amazon has called cyber-enabled kinetic targeting. The development is a sign that the lines between ...

Breach reporting, big penalties: Will DPDP act transform data safety? https://etimg.etb2bimg.com/thumb/msid-125375609,imgsize-7784,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/dpdp-act-a-game-changer-for-data-safety-in-india.jpg When the government notified the final rules of the Data Privacy and Protection Act (DPDP Act) yesterday, it did more than activate a long-anticipated law. It marked India’s most assertive step yet toward tackling the nation’s fastest-rising digital threat: data-driven cybercrime. India now registers one of the sharpest increases ...

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks https://firewall.firm.in/wp-content/uploads/2025/11/1000033960.jpg Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang. “These vulnerabilities all traced back to the same root cause: the overlooked unsafe use of ZeroMQ ...