Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass https://firewall.firm.in/wp-content/uploads/2026/04/whatsapp-exploit.jpg Ravie LakshmananApr 01, 2026Social Engineering / Malware Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS) files. The activity, beginning in late February 2026, leverages these scripts to initiate a multi-stage infection chain for establishing persistence and ...
Read More »Vulnerabilities & Exploits
84% of female entrepreneurs use UPI; cohort shows the highest levels of digital adoption: Report
84% of female entrepreneurs use UPI; cohort shows the highest levels of digital adoption: Report https://etimg.etb2bimg.com/thumb/msid-129193057,imgsize-1994229,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/majority-of-female-entrepreneurs-embrace-digital-banking-despite-concerns-over-data-privacy.jpg In a report by DBS Bank India, HNW (High-Net-Worth) women, female entrepreneurs, and rural women were surveyed. Among these participants, 31% of female entrepreneurs reported a monthly personal income ranging between Rs 1 lakh and Rs 3 lakh. 27% of HNW women had an ...
Read More »Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069 https://firewall.firm.in/wp-content/uploads/2026/04/axios-northkorea.jpg Ravie LakshmananApr 01, 2026Threat Intelligence / Software Security Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean threat activity cluster tracked as UNC1069. “We have attributed the attack to a suspected North Korean threat actor we ...
Read More »TRU identifies mobile spyware campaign using fake Red Alert app in Israel
TRU identifies mobile spyware campaign using fake Red Alert app in Israel https://etimg.etb2bimg.com/thumb/msid-129603786,imgsize-5482,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/tru-identifies-mobile-spyware-campaign-using-fake-red-alert-app-in-israel.jpg A targeted smishing campaign has been identified in which Israeli users received SMS messages impersonating official Home Front Command alerts and distributing a trojanized version of Israel’s Red Alert rocket warning Android app. The malicious app preserves the legitimate rocket alert functionality, making it harder for users ...
Read More »Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account https://firewall.firm.in/wp-content/uploads/2026/03/Axios-attack.jpg The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency that delivers a trojan capable of targeting Windows, macOS, and Linux systems. Versions 1.14.1 and 0.30.4 of Axios have been found to ...
Read More »Anthropic’s most powerful AI model ‘Claude Mythos’ data leaked
Anthropic’s most powerful AI model ‘Claude Mythos’ data leaked https://etimg.etb2bimg.com/thumb/msid-129858229,imgsize-101462,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/anthropics-most-powerful-ai-model-claude-mythos-data-leaked.jpg A data leak has revealed that Anthropic is developing a new artificial intelligence model it claims is its most powerful yet, with the system already being tested by a small group of users. A report in Fortune quoted an Anthropic spokesperson as saying the system is “the most capable we’ve ...
Read More »Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks https://firewall.firm.in/wp-content/uploads/2026/03/open-code.jpg Ravie LakshmananMar 27, 2026Software Security / DevSecOps Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX’s pre-publish scanning pipeline to cause the tool to allow a malicious Microsoft Visual Studio Code (VS Code) extension to pass the vetting process and go live in the ...
Read More »Millions of infected devices fueled massive cyberattacks
Millions of infected devices fueled massive cyberattacks https://etimg.etb2bimg.com/thumb/msid-129691490,imgsize-11922,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/us-says-it-disrupted-botnets-that-infected-over-3-million-devices-worldwide.jpg The U.S. Justice Department on Thursday said it took part in an operation with Germany and Canada to take down infrastructure used by four major botnets that infected more than 3 million devices worldwide, including hundreds of thousands in the U.S. The malicious networks – Aisuru, KimWolf, JackSkid and Mossad – were ...
Read More »[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks
[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks https://firewall.firm.in/wp-content/uploads/2026/03/validate.jpg The Hacker NewsMar 26, 2026Security Testing / Security Automation Most teams have security tools in place. Alerts are firing, dashboards look clean, threat intel is flowing in. On the surface, everything feels under control. But one question usually stays unanswered: Would your defenses actually stop a real attack? ...
Read More »NHRC issues notices over alleged DPDP Act violations by AI, social media, edtech platforms
NHRC issues notices over alleged DPDP Act violations by AI, social media, edtech platforms https://etimg.etb2bimg.com/thumb/msid-129797566,imgsize-21578,width-1200,height=627,overlay-etciso,resizemode-75/data-breaches/nhrc-issues-urgent-notices-to-protect-childrens-data-rights-under-dpdp-act.jpg The National Human Rights Commission (NHRC) has taken cognisance of alleged violations of the Digital Personal Data Protection Act (DPDP Act), particularly concerning the absence of systems for tracking children’s data transfers and grievance redressal mechanisms across major digital platforms. A bench led by NHRC ...
Read More »
Firewall Security Company India Complete Firewall Security Solutions Provider Company in India











