Latest cybersecurity news.
Hacks, breaches, vulnerabilities, regulatory moves — tracked and contextualised for Indian security teams.
AI Tool Integrations Expose New Attack Surface: Inside MCP Security Risks
Model Context Protocol (MCP), the emerging standard that lets AI assistants connect to external tools and data sources, is rapidly becoming a fixture in enterprise environments — and security researchers are raising alarms about its attack surface. As organisations rush to wire AI copilots into internal APIs, databases, and SaaS platforms, the authentication and authorisation […]
Post-Quantum Migration Window Narrows: What NIST FIPS 203 Means for Indian Enterprises
NIST published its first post-quantum cryptography standards — FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA) — in August 2024. Nearly two years on, adoption in enterprise environments is still early, despite mounting evidence that adversaries are harvesting encrypted traffic today for decryption once quantum computers become capable. The window to migrate is […]
GitHub Actions Supply Chain Attacks: How CI/CD Pipelines Became the New Target
Software supply chain attacks via CI/CD pipelines have moved from headline-grabbing incidents to a reliable, repeatable attack category. The pattern has evolved considerably since the SolarWinds and XZ Utils compromises: attackers now target the build infrastructure itself — GitHub Actions workflows, self-hosted runners, secrets stored in environment variables, and the dependency trees that CI systems […]
Scenario Brief: Anatomy of a High-Risk Patch Tuesday for Windows Estate Defenders
Tabletop-ready scenario: a hypothetical Patch Tuesday with twin Print Spooler bugs echoing PrintNightmare. Domain-controller priority and SOC detection workflow.
Scenario Brief: How a DPDP Penalty for S3 Misconfiguration Could Unfold
Tabletop-ready compliance scenario: how a public S3 bucket leaking identity documents could lead to a major DPDP Board penalty, and what Data Fiduciaries should do.
Scenario Brief: AI-Powered Phishing Tradecraft Targeting Indian Fintech
Tabletop-ready threat scenario: LLM-generated spear-phish plus deepfake voice calls against Indian payment aggregators. Kill chain, detection signals, and CISO actions.
CrowdStrike Falcon Outage July 2024 — How a Channel-File Update Broke 8.5 Million Windows Machines: Root Cause & Lessons
A CrowdStrike Falcon Sensor channel-file update caused approximately 8.5 million Windows machines worldwide to crash into Blue Screen of Death loops, grounding flights, halting hospitals, and exposing the systemic risk of always-trusted endpoint security agents.
MGM Resorts Hack September 2023 — How a 10-Minute Phone Call to the Help Desk Cost $100M: Scattered Spider Anatomy
A ten-minute social-engineering phone call to MGM's help desk reset an employee password without verification, giving Scattered Spider the foothold for a $100M ESXi ransomware attack that shut down Las Vegas casinos.
Operation Cronos February 2024 — How NCA-Led International Action Took Down LockBit (Twice): Inside the Most Significant Ransomware Takedown
A multi-national law-enforcement operation seized LockBit's infrastructure, decryption keys, and admin panel — turning the most prolific ransomware operation's own leak site into a mocking countdown timer for its members' identities.
Kudankulam Nuclear Power Plant Cyberattack 2019 — DTrack Malware in India’s Critical Infrastructure: Anatomy of the Lazarus-Linked Intrusion
In October 2019, malware later attributed to North Korea's Lazarus Group was found in administrative networks at Kudankulam Nuclear Power Plant in Tamil Nadu — exposing the air-gap myth and triggering India's most serious public critical-infrastructure security review.
Okta Support System Breach 2023 — How Cookies Stolen from Customer-Service Sessions Led to BeyondTrust, Cloudflare, 1Password Compromises
A stolen Okta employee credential gave attackers access to Okta's customer support system. From there they harvested HAR files containing valid session cookies — and used them to attempt downstream attacks on BeyondTrust, Cloudflare, and 1Password.
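The mechanism above turns on a detail many teams overlook: a browser HAR file records every request and response header, so the Cookie, Set-Cookie and Authorization values inside it are live session material until they are scrubbed. The following is an added example, not code from the page or from Okta, showing how to redact those fields before a HAR is uploaded to any support portal and how to verify that nothing replayable is left. The sample HAR, the hostname idp.example.com and the token strings are constructed for the demonstration.

```python
import copy
import json

# Header names whose values carry bearer credentials or session identifiers.
SENSITIVE_HEADERS = {"cookie", "set-cookie", "authorization", "proxy-authorization"}
REDACTED = "[REDACTED]"

# Constructed sample HAR (not a real capture): one request/response pair that
# carries a session cookie, a bearer token and a freshly issued cookie.
SAMPLE_HAR = {
    "log": {
        "version": "1.2",
        "entries": [
            {
                "request": {
                    "method": "GET",
                    "url": "https://idp.example.com/api/v1/users/me",
                    "headers": [
                        {"name": "Host", "value": "idp.example.com"},
                        {"name": "Cookie", "value": "sid=AAAAsessionAAAA; JSESSIONID=BBBB"},
                        {"name": "Authorization", "value": "Bearer eyJhbGciOiJSUzI1NiJ9.constructed"},
                    ],
                    "cookies": [
                        {"name": "sid", "value": "AAAAsessionAAAA"},
                        {"name": "JSESSIONID", "value": "BBBB"},
                    ],
                },
                "response": {
                    "status": 200,
                    "headers": [
                        {"name": "Set-Cookie", "value": "sid=CCCC; Secure; HttpOnly"},
                        {"name": "Content-Type", "value": "application/json"},
                    ],
                    "cookies": [{"name": "sid", "value": "CCCC"}],
                },
            }
        ],
    }
}


def find_session_material(har):
    """Return [(entry_index, location, name)] for every cookie value or
    credential-bearing header that is still unredacted. An empty list means
    the file can be shared without handing over a replayable session."""
    hits = []
    for i, entry in enumerate(har.get("log", {}).get("entries", [])):
        for part in ("request", "response"):
            msg = entry.get(part, {})
            for h in msg.get("headers", []):
                if h.get("name", "").lower() in SENSITIVE_HEADERS and h.get("value") != REDACTED:
                    hits.append((i, f"{part}.headers", h["name"]))
            for c in msg.get("cookies", []):
                if c.get("value") != REDACTED:
                    hits.append((i, f"{part}.cookies", c["name"]))
    return hits


def sanitize_har(har):
    """Deep-copy the HAR and overwrite every cookie value and credential header
    with REDACTED. Names are kept so a support engineer can still see which
    cookies and headers were present; only the replayable values are removed.
    The input dict is left untouched."""
    out = copy.deepcopy(har)
    for entry in out.get("log", {}).get("entries", []):
        for part in ("request", "response"):
            msg = entry.get(part, {})
            for h in msg.get("headers", []):
                if h.get("name", "").lower() in SENSITIVE_HEADERS:
                    h["value"] = REDACTED
            for c in msg.get("cookies", []):
                if "value" in c:
                    c["value"] = REDACTED
    return out


def sanitize_har_file(src_path, dst_path):
    """Read a HAR from disk, redact it, and refuse to write the output if the
    post-sanitisation check still finds session material. Returns the number
    of entries processed."""
    with open(src_path, encoding="utf-8") as f:
        har = json.load(f)
    clean = sanitize_har(har)
    leaks = find_session_material(clean)
    if leaks:
        raise ValueError(f"sanitiser left session material in place: {leaks}")
    with open(dst_path, "w", encoding="utf-8") as f:
        json.dump(clean, f, indent=2)
    return len(clean.get("log", {}).get("entries", []))


if __name__ == "__main__":
    print("before:", find_session_material(SAMPLE_HAR))
    print("after: ", find_session_material(sanitize_har(SAMPLE_HAR)))
```

The check runs on the sanitised copy rather than trusting the sanitiser, which is the point: a HAR produced by a browser extension or a proxy may put tokens in places this redaction list does not cover (query strings, POST bodies, custom headers), and the upload should fail closed when the verification pass still finds anything.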
23andMe Genetic Data Breach 2023 — How Credential Stuffing Plus DNA Relatives Feature Exposed 6.9 Million Profiles: Anatomy & Privacy Implications
Credential stuffing succeeded on 14,000 23andMe accounts — but the DNA Relatives feature meant attackers harvested the genetic data of approximately 6.9 million additional people connected to those accounts.