Google defeats bid for billions of dollars of new penalties in US privacy class action https://etimg.etb2bimg.com/thumb/msid-127813525,imgsize-35046,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/google-wins-legal-battle-against-2-billion-penalty-over-privacy-violations.jpg Alphabet’s Google persuaded a federal judge in San Francisco on Friday to ‍reject a bid by consumers for more than $2 billion in penalties over the company’s past collection ⁠of data from users who had switched off a key privacy setting. Chief US District ...

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access https://firewall.firm.in/wp-content/uploads/2026/01/chrome.jpg Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored ...

Data Privacy day: Protect people, data, and trust https://etimg.etb2bimg.com/thumb/msid-127358114,imgsize-40022,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/data-privacy-day-empowering-organizations-to-protect-personal-information.jpg Observed globally on January 28, Data Privacy Day highlights the growing importance of protecting personal information in today’s digitally dependent world. Across more than 45 countries, Data Privacy Day brings together governments, organizations, educators, and individuals to promote data privacy and responsible digital practices. To explore how organizations are marking Data ...

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities https://firewall.firm.in/wp-content/uploads/2026/01/cisa.jpg Ravie LakshmananJan 23, 2026Vulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows – CVE-2025-68645 (CVSS score: 8.8) – ...

Expert take: The DPDP act arrives: Are companies ready for what comes next? https://etimg.etb2bimg.com/thumb/msid-126749794,imgsize-6460770,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/understanding-indias-digital-personal-data-protection-act-are-companies-prepared.jpg Rupinder Malik, Partner at JSA India stands at a pivotal crossroad today as it navigates its fastest-growing digital economy and the operationalisation of the Digital Personal Data Protection (DPDP) Act. With over one billion internet subscribers, the nation has emerged as one of the world’s three ...

Webinar: How Smart MSSPs Using AI to Boost Margins with Half the Staff https://firewall.firm.in/wp-content/uploads/2026/01/mssp.jpg The Hacker NewsJan 21, 2026Artificial Intelligence / Automation Every managed security provider is chasing the same problem in 2026 — too many alerts, too few analysts, and clients demanding “CISO-level protection” at SMB budgets. The truth? Most MSSPs are running harder, not smarter. And it’s breaking ...

India’s breach brief: 5 structural security failures CISOs can no longer ignore https://etimg.etb2bimg.com/thumb/msid-126920644,imgsize-333856,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/indias-data-breach-crisis-5-critical-security-missteps-every-ciso-must-address.jpg India’s wave of high-profile data breaches isn’t the work of a new breed of hackers, it’s a failure of technology management. The same mistakes were made over and over: misconfigurations, poor oversight, and misplaced trust. These breaches didn’t stem from sophisticated attacks but from fundamental flaws in ...

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects https://firewall.firm.in/wp-content/uploads/2026/01/vscode.png The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio Code (VS Code) projects as lures to deliver a backdoor on compromised endpoints. The latest finding demonstrates continued evolution of the new tactic that was first discovered in December ...

American billionaire Mark Cuban has a warning on AI chatbots for CEOs https://etimg.etb2bimg.com/thumb/msid-126496122,imgsize-209851,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/mark-cuban-warns-ceos-the-risks-and-opportunities-of-ai-chatbots.jpg American billionaire investor Mark Cuban has now issued a stark warning for business leaders about the risks and opportunities of artificial intelligence. Along with this, Cuban has also cautioned that while AI can transform companies, its careless use could expose valuable intellectual property. Speaking during a call ...

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations https://firewall.firm.in/wp-content/uploads/2026/01/cyberattack.jpg Jan 09, 2026Ravie LakshmananEmail Security / Threat Intelligence Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated with a Turkish energy and nuclear research agency, as well as staff affiliated with a European think tank and organizations in North Macedonia ...