Tenable exposes AI flaws in Google gemini that could have let hackers steal data from millions https://etimg.etb2bimg.com/thumb/msid-124284799,imgsize-39892,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/google-gemini-ai-vulnerabilities-exposed-by-tenable.jpg Tenable, the exposure management company, has identified three vulnerabilities in Google’s Gemini suite, collectively dubbed the Gemini Trifecta. These flaws, now remediated, exposed users to significant privacy risks that could have enabled attackers to manipulate Gemini’s behavior and silently steal sensitive data such ...

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files https://firewall.firm.in/wp-content/uploads/2025/10/zimbra-email-hacking.jpg Oct 06, 2025Ravie LakshmananEmail Security / Zero-Day A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military. Tracked as CVE-2025-27915 (CVSS score: 5.4), the vulnerability is a stored cross-site scripting (XSS) vulnerability in the Classic ...

Google warns companies: Your top executives may get extortion emails https://etimg.etb2bimg.com/thumb/msid-124282446,imgsize-1789114,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/google-warns-companies-your-top-executives-may-get-extortion-emails.jpg Alphabet’s Google has warned that hackers are sending extortion emails to executives at several organizations, reports news agency Reuters. The hackers, as per the report, are claiming to have stolen sensitive data from Oracle business applications. In a statement, Google said that the messages are part of an ongoing ...

Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware https://firewall.firm.in/wp-content/uploads/2025/09/chinese-hackerss.jpg Sep 30, 2025Ravie LakshmananCyber Espionage / Malware Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years. “Phantom Taurus’ main focus areas include ministries of foreign affairs, ...

App targeting Charlie Kirk critics leaks user data in huge privacy breach https://etimg.etb2bimg.com/thumb/msid-124082696,imgsize-1472979,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/app-targeting-charlie-kirk-critics-leaks-user-data-in-huge-privacy-breach.jpg Charlie Kirk critics app privacy breach: An app created to track people accused of criticizing conservative activist Charlie Kirk has been taken offline after a serious privacy breach exposed its own users’ personal information, as per a report. Cancel the Hate App Launched After Charlie Kirk’s Assassination ...

Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security https://firewall.firm.in/wp-content/uploads/2025/09/bmc-exploit.jpg Sep 23, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image. The medium-severity vulnerabilities, ...

Beware of apk files of traffic challans: Cops https://etimg.etb2bimg.com/thumb/msid-123899848,imgsize-16894,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/beware-of-apk-files-of-traffic-challans-cops.jpg Madurai: Madurai rural district cyber crime police have asked the public to be vigilant against scammers sending apk files for traffic challans and banking KYC updates, or even updates for govt schemes and EB bill payment. Police said that recently, there have been cases of people losing money afters scammers hacked ...

U.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UN https://firewall.firm.in/wp-content/uploads/2025/09/sim.jpg Sep 23, 2025Ravie LakshmananNational Security / Threat Intelligence The U.S. Secret Service on Tuesday said it took down a network of electronic devices located across the New York tri-state area that were used to threaten U.S. government officials and posed an imminent threat to national ...

South Korea: Presidential office to unveil cybersecurity measures following hacking incidents https://etimg.etb2bimg.com/thumb/msid-124060607,imgsize-12854,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/south-koreas-presidential-office-unveils-comprehensive-cybersecurity-measures-to-combat-hacking.jpg Seoul, The presidential Office of National Security said Monday it will come up with “comprehensive” measures to prevent further hacking incidents following a series of security breaches at mobile carriers and a credit card issuer. The presidential office said it has been in consultations with relevant ministry officials ...

SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw https://firewall.firm.in/wp-content/uploads/2025/09/solar.jpg Sep 23, 2025Ravie LakshmananVulnerability / Data Security SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could allow attackers to execute arbitrary commands on susceptible systems. The vulnerability, tracked as CVE-2025-26399 (CVSS score: 9.8), has been described ...