Latest cybersecurity news.
Hacks, breaches, vulnerabilities, regulatory moves — tracked and contextualised for Indian security teams.
Edge Device Exploitation: VPN and Firewall Appliances Remain Top Initial Access Vector in 2026
Network edge appliances — VPN gateways, firewalls, load balancers, and SSL inspection proxies — have become the most reliable initial access vector for sophisticated threat actors in 2025 and 2026. Mandiant, CrowdStrike, and Recorded Future all placed edge device exploitation at the top of their initial access reports this year. The pattern is consistent: a […]
Scenario Brief: Ransomware Tradecraft Against Indian Hospitals via Unpatched Backups
Tabletop-ready scenario: ransomware affiliates targeting Veeam backup servers as initial access. ABDM propagation risk and the hospital defender checklist.
Scenario Brief: Pod Escape via Cgroup Namespace TOCTOU — A Containerd Threat Model
Tabletop-ready scenario: a hypothetical containerd pod-escape via TOCTOU race. Why baseline Pod Security Admission is no longer enough and what to harden.
Scenario Brief: MCP SDK Authentication Bypass — Tradecraft and Mitigation
Tabletop-ready scenario: a hypothetical auth-bypass in the Model Context Protocol reference SDK. What an MCP server compromise looks like and how to harden against it.
Scenario Brief: Critical OpenSSL Use-After-Free Reachable via TLS 1.3 Session Resumption
Tabletop-ready threat scenario: a hypothetical CVSS 9.8 use-after-free in OpenSSL TLS 1.3 session resumption. Indian BFSI patch-priority and incident-reporting drill.
Star Health Data Breach 2024 — 31M Customer Records Exposed via Telegram Bots: Full Technical Analysis & DPDP Implications
India's largest standalone health insurer leaked 31 million customer records — names, PANs, phone numbers, claim documents, medical reports — via attacker-operated Telegram bots. A full technical reconstruction.
WazirX $230M Hack July 2024 — How a Multi-Signature Wallet Was Drained: Technical Reconstruction & Indian Crypto Implications
India's largest crypto exchange lost $230M when attackers — assessed by US authorities as North Korea's Lazarus Group — exploited a discrepancy between the user interface and on-chain reality of a 6-of-9 multi-signature wallet.
Snowflake & AT&T Mega-Breach 2024 — UNC5537's 165-Org Credential-Stuffing Campaign: Technical Reconstruction
A single threat actor used credentials harvested from infostealer logs to access at least 165 Snowflake customer environments — including AT&T, Ticketmaster, and Santander — exfiltrating data on 110+ million people. The attack required no Snowflake vulnerability.
MOVEit Transfer Cl0p Campaign 2023 — How a SQL Injection in a File-Transfer Tool Hit 2,700 Organisations: Anatomy of a Modern Supply-Chain Breach
A pre-authentication SQL injection zero-day in Progress Software's MOVEit Transfer enabled the Cl0p ransomware affiliate group to exfiltrate data from over 2,700 organisations and 95+ million individuals — the canonical modern supply-chain breach.
AIIMS Delhi Ransomware Attack 2022 — How a Single Compromise Disrupted India's Premier Hospital for Two Weeks: Anatomy & Lessons
The All India Institute of Medical Sciences Delhi — India's most prestigious public hospital — was crippled by a ransomware attack for over two weeks in November 2022, exposing systemic security gaps across Indian public-sector critical infrastructure.
ICMR India 815 Million Records Breach 2023 — How a COVID Test Database Became the Largest Indian Data Leak: Full Analysis
The Indian Council of Medical Research COVID-19 test database — containing names, Aadhaar numbers, passport details, and contact information for 815 million Indians — was offered for sale on BreachForums for $80,000.
Change Healthcare Ransomware Attack 2024 — How a Single Compromise Disrupted 1/3 of US Healthcare Payments: $2.5B Impact Analysis
A single Citrix portal lacking MFA gave ALPHV/BlackCat ransomware access to Change Healthcare — the payment processor for one in three US healthcare claims. Recovery cost UnitedHealth $2.5B+ and exposed 100M+ Americans' medical data.