Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts https://firewall.firm.in/wp-content/uploads/2025/10/sonicwall.jpg Oct 11, 2025Ravie LakshmananCloud Security / Network Security Cybersecurity company Huntress on Friday warned of “widespread compromise” of SonicWall SSL VPN devices to access multiple customer environments. “Threat actors are authenticating into multiple accounts rapidly across compromised devices,” it said. “The speed and scale of these attacks imply ...

Canada’s WestJet says some passenger data exposed in cybersecurity breach https://etimg.etb2bimg.com/thumb/msid-124247093,imgsize-964241,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/canadas-westjet-says-some-passenger-data-exposed-in-cybersecurity-breach.jpg Canadian carrier WestJet said on Monday the personal information of some passengers was exposed in a cybersecurity breach earlier this year, though no payment data was compromised. The airline said it detected suspicious activity on June 13 and later determined that a “sophisticated, criminal third party” had gained unauthorized ...

Step Into the Password Graveyard… If You Dare (and Join the Live Session) https://firewall.firm.in/wp-content/uploads/2025/10/password-security.jpg Oct 08, 2025The Hacker NewsPassword Security / Cyber Attacks Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don’t need advanced tools; they just need one careless login. For IT teams, that means endless resets, ...

Tenable exposes AI flaws in Google gemini that could have let hackers steal data from millions https://etimg.etb2bimg.com/thumb/msid-124284799,imgsize-39892,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/google-gemini-ai-vulnerabilities-exposed-by-tenable.jpg Tenable, the exposure management company, has identified three vulnerabilities in Google’s Gemini suite, collectively dubbed the Gemini Trifecta. These flaws, now remediated, exposed users to significant privacy risks that could have enabled attackers to manipulate Gemini’s behavior and silently steal sensitive data such ...

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files https://firewall.firm.in/wp-content/uploads/2025/10/zimbra-email-hacking.jpg Oct 06, 2025Ravie LakshmananEmail Security / Zero-Day A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military. Tracked as CVE-2025-27915 (CVSS score: 5.4), the vulnerability is a stored cross-site scripting (XSS) vulnerability in the Classic ...

Google warns companies: Your top executives may get extortion emails https://etimg.etb2bimg.com/thumb/msid-124282446,imgsize-1789114,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/google-warns-companies-your-top-executives-may-get-extortion-emails.jpg Alphabet’s Google has warned that hackers are sending extortion emails to executives at several organizations, reports news agency Reuters. The hackers, as per the report, are claiming to have stolen sensitive data from Oracle business applications. In a statement, Google said that the messages are part of an ongoing ...

Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware https://firewall.firm.in/wp-content/uploads/2025/09/chinese-hackerss.jpg Sep 30, 2025Ravie LakshmananCyber Espionage / Malware Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years. “Phantom Taurus’ main focus areas include ministries of foreign affairs, ...

App targeting Charlie Kirk critics leaks user data in huge privacy breach https://etimg.etb2bimg.com/thumb/msid-124082696,imgsize-1472979,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/app-targeting-charlie-kirk-critics-leaks-user-data-in-huge-privacy-breach.jpg Charlie Kirk critics app privacy breach: An app created to track people accused of criticizing conservative activist Charlie Kirk has been taken offline after a serious privacy breach exposed its own users’ personal information, as per a report. Cancel the Hate App Launched After Charlie Kirk’s Assassination ...

Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security https://firewall.firm.in/wp-content/uploads/2025/09/bmc-exploit.jpg Sep 23, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image. The medium-severity vulnerabilities, ...

Beware of apk files of traffic challans: Cops https://etimg.etb2bimg.com/thumb/msid-123899848,imgsize-16894,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/beware-of-apk-files-of-traffic-challans-cops.jpg Madurai: Madurai rural district cyber crime police have asked the public to be vigilant against scammers sending apk files for traffic challans and banking KYC updates, or even updates for govt schemes and EB bill payment. Police said that recently, there have been cases of people losing money afters scammers hacked ...