Digital battlefield: Data dominance, codebreaking and the roots of information warfare https://etimg.etb2bimg.com/thumb/msid-125684785,imgsize-255746,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/digital-battlefield-data-dominance-codebreaking-and-the-roots-of-information-warfare.jpg Negligence in data handling leads to large scale data exposure, enabling malicious actors to exploit leaked data for committing fraud, blackmail or identity theft triggering penal statutes. Data is often described as the ‘new oil’ – a strategic asset central to the survival of individuals, corporations or even ...

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages https://firewall.firm.in/wp-content/uploads/2025/11/setuptools.jpg Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain takeover attack. Software supply chain security company ReversingLabs said it found the ...

Navigating data breach challenges in DPDP era: Retrospective risks & regulatory strains https://etimg.etb2bimg.com/thumb/msid-125499084,imgsize-14220,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/navigating-data-breach-challenges-in-dpdp-era-retrospective-risks-regulatory-strains.jpg DPDP rules mark significant milestone in India’s ongoing data protection journey India’s digital ecosystem has undergone a seismic shift with the notification of the Digital Personal Data Protection (DPDP) Rules, 2025, on November 13, 2025. As the country’s first comprehensive data privacy framework, the DPDP Act, 2023, ...

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation https://firewall.firm.in/wp-content/uploads/2025/11/grafana.jpg Nov 21, 2025Ravie LakshmananVulnerability / Threat Mitigation Grafana has released security updates to address a maximum severity security flaw that could allow privilege escalation or user impersonation under certain configurations. The vulnerability, tracked as CVE-2025-41115, carries a CVSS score of 10.0. It resides in the System for Cross-domain ...

Spain to investigate Meta for alleged Android privacy breaches https://etimg.etb2bimg.com/thumb/msid-125452475,imgsize-19560,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/spain-to-investigate-meta-for-alleged-android-privacy-breaches.jpg Spain’s parliament will investigate Meta for possible privacy violations of its Facebook and Instagram users, Spanish Prime Minister Pedro Sanchez said on Wednesday. “In Spain, the law is above any algorithm or any large technology platform. And anyone who violates our rights will pay the consequences,” Sanchez said in a ...

Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt https://firewall.firm.in/wp-content/uploads/2025/11/iran-hackers.jpg Nov 20, 2025Ravie LakshmananCyber Warfare / Threat Intelligence Threat actors with ties to Iran engaged in cyber warfare as part of efforts to facilitate and enhance physical, real-world attacks, a trend that Amazon has called cyber-enabled kinetic targeting. The development is a sign that the lines between ...

Breach reporting, big penalties: Will DPDP act transform data safety? https://etimg.etb2bimg.com/thumb/msid-125375609,imgsize-7784,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/dpdp-act-a-game-changer-for-data-safety-in-india.jpg When the government notified the final rules of the Data Privacy and Protection Act (DPDP Act) yesterday, it did more than activate a long-anticipated law. It marked India’s most assertive step yet toward tackling the nation’s fastest-rising digital threat: data-driven cybercrime. India now registers one of the sharpest increases ...

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks https://firewall.firm.in/wp-content/uploads/2025/11/1000033960.jpg Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang. “These vulnerabilities all traced back to the same root cause: the overlooked unsafe use of ZeroMQ ...

Finextra & Cloudera: 91% say hybrid AI is the new finance standard https://etimg.etb2bimg.com/thumb/msid-125264509,imgsize-10438,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/finextra-cloudera-91-say-hybrid-ai-is-the-new-finance-standard.jpg Cloudera, in partnership with Finextra Research, published a global report based on a survey of 155 executives and leaders worldwide. The findings indicate hybrid AI deployment is an important strategy in the financial services industry, with 91% of organizations rating a hybrid approach as highly valuable. The ...

Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security https://firewall.firm.in/wp-content/uploads/2025/11/MAIN.jpg Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD’s importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making it the ultimate target. For attackers, ...