Practitioner-grade cybersecurity content
Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.
Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.
Latest articles
Most recent practitioner playbooks across every track. Filter by topic in the sidebar, or use search.
AiTM Phishing in 2026 — How EvilProxy, Mamba, Tycoon, and Astaroth Defeat Microsoft 365 MFA
Adversary-in-the-Middle phishing kits proxy your real login page and capture both credentials and post-MFA session cookies in real time. Why Microsoft Authenticator…
NewsCl0p MFT Mass-Exploit Pattern — From Accellion to Cleo, Why Indian Enterprises Keep Ending Up Downstream
Cl0p ransomware perfected the managed-file-transfer (MFT) mass-exploit playbook across Accellion, GoAnywhere, MOVEit, and Cleo — 2,700+ victims in MOVEit alone. Why MFT…
NewsIndian Android Banking Trojans 2026 — SoumniBot, Brokewell, Gigabud and the Accessibility-Service Endgame
Indian Android banking trojans (SoumniBot, Brokewell, Gigabud, GoldDigger) converge on a single playbook: side-loaded APK → Accessibility Service grant → SMS interception…
NewsSnowflake Mega-Breach Anatomy — How UNC5537 Hit 165 Customers Without a Single Vulnerability
UNC5537 (ShinyHunters) compromised 165+ Snowflake customer tenants in 2024 — Ticketmaster, AT&T, Santander — using infostealer credentials replayed against MFA-disabled accounts. Technical…
NewsSalt Typhoon — How a PRC APT Mapped the US Telecom Backbone (and What Indian Carriers Should Steal From It)
Salt Typhoon (UNC2286 / GhostEmperor) sat inside US telecom carriers for 18+ months exploiting Cisco IOS XE CVE-2023-20198. Technical breakdown of Demodex…
ComplianceDPDP Penalties Decoded: How the ₹250 Crore Maximum Actually Gets Calculated
The DPDP Act ₹250 crore penalty maximum is a ceiling, not a fixed amount. The Data Protection Board calculates actual penalties against…
ComplianceDPDP Section 8 Decoded: The Eight Obligations Every Indian Data Fiduciary Must Meet
A practical breakdown of DPDP Act §8(1)–(8) — security safeguards, breach notification, retention, grievance redressal, child data, and SDF duties. With audit-evidence…
NewsTop 10 Latest Vulnerabilities — Theory, Technical Analysis & Remediation (April–May 2026)
In-depth ~10-page technical breakdown of the 10 most consequential vulnerabilities CISA added to its Known Exploited Vulnerabilities catalog in April–May 2026. For…
NewsStar Health Data Breach 2024 — 31M Customer Records Exposed via Telegram Bots: Full Technical Analysis & DPDP Implications
India's largest standalone health insurer leaked 31 million customer records — names, PANs, phone numbers, claim documents, medical reports — via attacker-operated…
AI SecurityBuilding Like Cursor / Perplexity / v0 — Backend Architecture of Trending AI Tools
Cursor, Perplexity, v0, Claude Artifacts, Lovable — the products defining 2026 AI UX. Their backends share patterns: streaming LLM gateways, smart context…