News
Latest cybersecurity news — hacks, breaches, vulnerabilities, regulatory moves
Snowflake Mega-Breach Anatomy — How UNC5537 Hit 165 Customers Without a Single Vulnerability
UNC5537 (ShinyHunters) compromised 165+ Snowflake customer tenants in 2024 — Ticketmaster, AT&T, Santander — using infostealer credentials replayed against MFA-disabled accounts. Technical…
Salt Typhoon — How a PRC APT Mapped the US Telecom Backbone (and What Indian Carriers Should Steal From It)
Salt Typhoon (UNC2286 / GhostEmperor) sat inside US telecom carriers for 18+ months exploiting Cisco IOS XE CVE-2023-20198. Technical breakdown of Demodex…
Top 10 Latest Vulnerabilities — Theory, Technical Analysis & Remediation (April–May 2026)
In-depth ~10-page technical breakdown of the 10 most consequential vulnerabilities CISA added to its Known Exploited Vulnerabilities catalog in April–May 2026. For…
Star Health Data Breach 2024 — 31M Customer Records Exposed via Telegram Bots: Full Technical Analysis & DPDP Implications
India's largest standalone health insurer leaked 31 million customer records — names, PANs, phone numbers, claim documents, medical reports — via attacker-operated…
WazirX $230M Hack July 2024 — How a Multi-Signature Wallet Was Drained: Technical Reconstruction & Indian Crypto Implications
India's largest crypto exchange lost $230M when attackers — assessed by US authorities as North Korea's Lazarus Group — exploited a discrepancy…
Snowflake & AT&T Mega-Breach 2024 — UNC5537’s 165-Org Credential-Stuffing Campaign: Technical Reconstruction
A single threat actor used credentials harvested from infostealer logs to access at least 165 Snowflake customer environments — including AT&T, Ticketmaster,…
CrowdStrike Falcon Outage July 2024 — How a Channel-File Update Broke 8.5 Million Windows Machines: Root Cause & Lessons
A CrowdStrike Falcon Sensor channel-file update caused approximately 8.5 million Windows machines worldwide to crash into Blue Screen of Death loops, grounding…
MOVEit Transfer Cl0p Campaign 2023 — How a SQL Injection in a File-Transfer Tool Hit 2,700 Organisations: Anatomy of a Modern Supply-Chain Breach
A pre-authentication SQL injection zero-day in Progress Software's MOVEit Transfer enabled the Cl0p ransomware affiliate group to exfiltrate data from over 2,700…
AIIMS Delhi Ransomware Attack 2022 — How a Single Compromise Disrupted India’s Premier Hospital for Two Weeks: Anatomy & Lessons
The All India Institute of Medical Sciences Delhi — India's most prestigious public hospital — was crippled by a ransomware attack for…
ICMR India 815 Million Records Breach 2023 — How a COVID Test Database Became the Largest Indian Data Leak: Full Analysis
The Indian Council of Medical Research COVID-19 test database — containing names, Aadhaar numbers, passport details, and contact information for 815 million…