Millions of infected devices fueled massive cyberattacks https://etimg.etb2bimg.com/thumb/msid-129691490,imgsize-11922,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/us-says-it-disrupted-botnets-that-infected-over-3-million-devices-worldwide.jpg The U.S. Justice Department on Thursday said it took part in an operation with Germany and Canada to take down infrastructure used by four major botnets that infected more than 3 million devices worldwide, including hundreds of thousands ‌in the ⁠U.S. The ⁠malicious networks – Aisuru, KimWolf, JackSkid and Mossad – were ...

[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks https://firewall.firm.in/wp-content/uploads/2026/03/validate.jpg The Hacker NewsMar 26, 2026Security Testing / Security Automation Most teams have security tools in place. Alerts are firing, dashboards look clean, threat intel is flowing in. On the surface, everything feels under control. But one question usually stays unanswered: Would your defenses actually stop a real attack? ...

NHRC issues notices over alleged DPDP Act violations by AI, social media, edtech platforms https://etimg.etb2bimg.com/thumb/msid-129797566,imgsize-21578,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/nhrc-issues-urgent-notices-to-protect-childrens-data-rights-under-dpdp-act.jpg The National Human Rights Commission (NHRC) has taken cognisance of alleged violations of the Digital Personal Data Protection Act (DPDP Act), particularly concerning the absence of systems for tracking children’s data transfers and grievance redressal mechanisms across major digital platforms. A bench led by NHRC ...

GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data https://firewall.firm.in/wp-content/uploads/2026/03/main-s.jpg Ravie LakshmananMar 25, 2026Browser Security / Threat Intelligence Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of comprehensive data theft and installing a remote access trojan (RAT), which deploys an information-stealing Google Chrome extension masquerading as ...

Data leaks are the new retention crisis for D2C brands https://etimg.etb2bimg.com/thumb/msid-129671868,imgsize-115330,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/data-leaks-the-hidden-crisis-threatening-d2c-brand-loyalty.jpg The most expensive phone call in D2C doesn’t come from a telemarketer; it comes from a scammer who knows too much. When a customer picks up the phone to hear a stranger recite their exact order history, product descriptions, and invoice values, they lose trust in your brand completely. ...

⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More https://firewall.firm.in/wp-content/uploads/2026/03/recap-bl.jpg Ravie LakshmananMar 23, 2026Cybersecurity / Hacking Another week, another reminder that the internet is still a mess. Systems people thought were secure are being broken in simple ways, showing many still ignore basic advisories. This edition covers a mix of issues: supply chain attacks hitting ...

Tech giants join hands to fight online scams https://etimg.etb2bimg.com/thumb/msid-129712610,imgsize-63588,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/tech-giants-join-hands-to-fight-online-scams.jpg Google, Meta, Amazon, Microsoft along with nine other tech and retail giants have now come together to launch the Tech Industry Accord to Combat Scams. This initiative from the companies is designed to tackle the increasing problem of online fraud. Announced this week, the Accord is one of the largest industry ...

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure https://firewall.firm.in/wp-content/uploads/2026/03/langflow.jpg A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed at which threat actors weaponize newly published vulnerabilities. The security defect, tracked as CVE-2026-33017 (CVSS score: 9.3), is a case of missing authentication combined with code injection that ...

Cognizant unit TriZetto breach exposes data of 3.4m people https://etimg.etb2bimg.com/thumb/msid-129309061,imgsize-7510,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/cognizant-unit-trizetto-breach-exposes-data-of-3-4m-people.jpg Bengaluru: Cognizant subsidiary TriZetto Provider Solutions (TPS) has suffered a data breach that exposed the sensitive information of about 3.4 million individuals, according to a filing with the Office of the Maine Attorney General. TPS said it has begun notifying affected individuals about the cybersecurity incident, which may have exposed ...

Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India https://firewall.firm.in/wp-content/uploads/2026/03/ai-coded-malware.jpg Ravie LakshmananMar 06, 2026Threat Intelligence / Cyber Espionage The Pakistan-aligned threat actor known as Transparent Tribe has become the latest hacking group to embrace artificial intelligence (AI)-powered coding tools to strike targets with various implants. The activity is designed to produce a “high-volume, mediocre mass of implants” ...