Security Flaw
- All
- News
- Videos
- Web Stories
-
Louvre Museum's Security Password During 900-Crore Heist Was "LOUVRE"
Weeks after a daring $102 million daylight robbery in the Louvre Museum in Paris, investigators have uncovered a stunning flaw in the institution's digital defences.
-
CERT-In Warns Google Chrome Users of High-Risk Flaws on Windows, macOS, and Linux
The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk advisory warning Google Chrome users of multiple vulnerabilities affecting desktop versions on Windows, macOS, and Linux. The flaws, detailed in CIVN-2025-0288, could let remote attackers execute code, steal data, or bypass security by luring users to malicious websites. A...
-
Tata Motors Reportedly Patched E-Dukaan, FleetEdge Flaws After Researcher Discovered AWS Key Leak
Tata Motors' two consumer-facing platforms, FleetEdge and E-Dukaan, were hacked in 2023 by a cybersecurity researcher, which were reportedly patched by the company in the same year. The flaws gave unauthorised access to bad actors to the platforms' Amazon Web Service (AWS) keys, allowing them to download Tata Motors' files, sensitive customer infor...
-
CERT-In Warns Google Chrome Users of High-Severity Remote Code Execution Vulnerability
CERT-In has issued a high-severity alert (CIVN-2025-0274) for a remote code execution vulnerability in Google Chrome for desktop. The flaw, caused by improper implementation in Chrome’s V8 engine, could allow attackers to execute code with user privileges, leading to system takeover, data theft, or service disruption. It affects Chrome versions p...
-
CERT-In Asks Mozilla Firefox Users to Install Browser Updates to Remain Safe From Security Vulnerabilities
Mozilla has fixed multiple high-severity vulnerabilities across Firefox, Firefox ESR, and Thunderbird, which could allow attackers to execute code or access sensitive data. The flaws, affecting Firefox versions prior to 144, ESR versions prior to 115.29 and 140.4, and Thunderbird versions prior to 140.4 and 144, include use-after-free errors, memor...
-
CERT-In Highlights Zoom Security Flaws That Could Let Hackers Access Meeting, Sensitive Information
The Indian Computer Emergency Response Team (CERT-In) has issued a notification asking Zoom for Windows, macOS, Android, and iOS users to download the latest available update of the app, as multiple vulnerabilities have been found in its particular version. The security flaws allow bad actors to gain unauthorised access to Zoom Rooms and get their ...
-
Google Chrome, Microsoft Edge Security Flaws: CERT-In Asks Users to Update to Latest Versions With Security Fixes
The Indian Computer Emergency Response Team (CERT-In), on October 15, released two vulnerability notes to warn Google Chrome and Chromium-based Microsoft Edge users of multiple security flaws. These vulnerabilities can be exploited by hackers, granting them unauthorised access to a user’s desktop. However, people can install the latest available ...
-
Android Phones Susceptible to ‘Pixnapping’ Attack That Steals 2FA Codes, Messages and More, Researchers Say
Android devices are susceptible to a new type of attack that can covertly steal two-factor authentication (2FA) codes, private messages, location timelines, and other data. Security researchers have devised this new attack, called Pixnapping, which can exploit loopholes and security flaws in Android without requiring any system permissions. As per ...
-
CERT-In Urges Google Chrome Users to Update After Google Patches Critical Security Flaws
Indian Computer Emergency Response Team (CERT-In) has issued a warning to Google Chrome users. The advisory was issued on Wednesday after the government agency discovered many security flaws in the Windows, Mac, and Linux version of Google Chrome. These vulnerabilities, if exploited, could allow allow a remote attacker to execute arbitrary code. CE...
-
Google Is Offering Up To Rs 26 Lakh For Finding Bugs In Its AI Systems
Google is offering researchers up to $30,000 (Rs 26.6 lakh) to find and report security flaws in its AI systems.
-
Google DeepMind Introduces CodeMender AI Agent to Automate Security Fixes
Google DeepMind has introduced CodeMender, an AI agent that can automatically detect and fix security vulnerabilities in software code. It analyses source code, identifies flaws, and generates and verifies patches without developer input. In trials, CodeMender produced 72 verified patches across major open-source projects. Currently, its patches ar...
-
Who Is Attaullah Baig? The Ex-WhatsApp Security Boss Exposing Meta's Alarming Privacy Secrets
Indian-origin cybersecurity expert Attaullah Baig, former WhatsApp head of security, has sued Meta, alleging ignored security flaws and retaliation after he raised warnings about millions of users' data being at risk.
-
Android Security Alert: Billions of Devices at High Risk, Warns CERT-In; Android 15, 16 Affected
Earlier this week, the Indian Computer Emergency Response Team (CERT-In) released an advisory warning of multiple security flaws impacting smartphones on recent Android versions. The agency noted that a significant number of these vulnerabilities have been assigned unique CVE identifiers and rated them as high severity, given their potential to ena...
-
Japan’s Financial Services Agency Mulls Crypto Regulation Under FIEA
Japan’s Financial Services Agency has proposed transferring cryptocurrency oversight from the Payment Services Act to the stricter Financial Instruments and Exchange Act. The move aims to address issues such as unregistered operations, scams, disclosure gaps, and security flaws, while improving investor protection. If approved by the Financial Sy...
-
WhatsApp Fixes Zero-Click Vulnerability that Affects iOS, macOS Versions of the App
WhatsApp has fixed a zero-click security vulnerability, which could have been used to carry out sophisticated attacks against targeted individuals, the company said. The flaw affected the Meta-owned messenger app’s iOS and macOS versions, and could “trigger processing of content from an arbitrary URL on a target's device.”
-
Louvre Museum's Security Password During 900-Crore Heist Was "LOUVRE"
Weeks after a daring $102 million daylight robbery in the Louvre Museum in Paris, investigators have uncovered a stunning flaw in the institution's digital defences.
-
CERT-In Warns Google Chrome Users of High-Risk Flaws on Windows, macOS, and Linux
The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk advisory warning Google Chrome users of multiple vulnerabilities affecting desktop versions on Windows, macOS, and Linux. The flaws, detailed in CIVN-2025-0288, could let remote attackers execute code, steal data, or bypass security by luring users to malicious websites. A...
-
Tata Motors Reportedly Patched E-Dukaan, FleetEdge Flaws After Researcher Discovered AWS Key Leak
Tata Motors' two consumer-facing platforms, FleetEdge and E-Dukaan, were hacked in 2023 by a cybersecurity researcher, which were reportedly patched by the company in the same year. The flaws gave unauthorised access to bad actors to the platforms' Amazon Web Service (AWS) keys, allowing them to download Tata Motors' files, sensitive customer infor...
-
CERT-In Warns Google Chrome Users of High-Severity Remote Code Execution Vulnerability
CERT-In has issued a high-severity alert (CIVN-2025-0274) for a remote code execution vulnerability in Google Chrome for desktop. The flaw, caused by improper implementation in Chrome’s V8 engine, could allow attackers to execute code with user privileges, leading to system takeover, data theft, or service disruption. It affects Chrome versions p...
-
CERT-In Asks Mozilla Firefox Users to Install Browser Updates to Remain Safe From Security Vulnerabilities
Mozilla has fixed multiple high-severity vulnerabilities across Firefox, Firefox ESR, and Thunderbird, which could allow attackers to execute code or access sensitive data. The flaws, affecting Firefox versions prior to 144, ESR versions prior to 115.29 and 140.4, and Thunderbird versions prior to 140.4 and 144, include use-after-free errors, memor...
-
CERT-In Highlights Zoom Security Flaws That Could Let Hackers Access Meeting, Sensitive Information
The Indian Computer Emergency Response Team (CERT-In) has issued a notification asking Zoom for Windows, macOS, Android, and iOS users to download the latest available update of the app, as multiple vulnerabilities have been found in its particular version. The security flaws allow bad actors to gain unauthorised access to Zoom Rooms and get their ...
-
Google Chrome, Microsoft Edge Security Flaws: CERT-In Asks Users to Update to Latest Versions With Security Fixes
The Indian Computer Emergency Response Team (CERT-In), on October 15, released two vulnerability notes to warn Google Chrome and Chromium-based Microsoft Edge users of multiple security flaws. These vulnerabilities can be exploited by hackers, granting them unauthorised access to a user’s desktop. However, people can install the latest available ...
-
Android Phones Susceptible to ‘Pixnapping’ Attack That Steals 2FA Codes, Messages and More, Researchers Say
Android devices are susceptible to a new type of attack that can covertly steal two-factor authentication (2FA) codes, private messages, location timelines, and other data. Security researchers have devised this new attack, called Pixnapping, which can exploit loopholes and security flaws in Android without requiring any system permissions. As per ...
-
CERT-In Urges Google Chrome Users to Update After Google Patches Critical Security Flaws
Indian Computer Emergency Response Team (CERT-In) has issued a warning to Google Chrome users. The advisory was issued on Wednesday after the government agency discovered many security flaws in the Windows, Mac, and Linux version of Google Chrome. These vulnerabilities, if exploited, could allow allow a remote attacker to execute arbitrary code. CE...
-
Google Is Offering Up To Rs 26 Lakh For Finding Bugs In Its AI Systems
Google is offering researchers up to $30,000 (Rs 26.6 lakh) to find and report security flaws in its AI systems.
-
Google DeepMind Introduces CodeMender AI Agent to Automate Security Fixes
Google DeepMind has introduced CodeMender, an AI agent that can automatically detect and fix security vulnerabilities in software code. It analyses source code, identifies flaws, and generates and verifies patches without developer input. In trials, CodeMender produced 72 verified patches across major open-source projects. Currently, its patches ar...
-
Who Is Attaullah Baig? The Ex-WhatsApp Security Boss Exposing Meta's Alarming Privacy Secrets
Indian-origin cybersecurity expert Attaullah Baig, former WhatsApp head of security, has sued Meta, alleging ignored security flaws and retaliation after he raised warnings about millions of users' data being at risk.
-
Android Security Alert: Billions of Devices at High Risk, Warns CERT-In; Android 15, 16 Affected
Earlier this week, the Indian Computer Emergency Response Team (CERT-In) released an advisory warning of multiple security flaws impacting smartphones on recent Android versions. The agency noted that a significant number of these vulnerabilities have been assigned unique CVE identifiers and rated them as high severity, given their potential to ena...
-
Japan’s Financial Services Agency Mulls Crypto Regulation Under FIEA
Japan’s Financial Services Agency has proposed transferring cryptocurrency oversight from the Payment Services Act to the stricter Financial Instruments and Exchange Act. The move aims to address issues such as unregistered operations, scams, disclosure gaps, and security flaws, while improving investor protection. If approved by the Financial Sy...
-
WhatsApp Fixes Zero-Click Vulnerability that Affects iOS, macOS Versions of the App
WhatsApp has fixed a zero-click security vulnerability, which could have been used to carry out sophisticated attacks against targeted individuals, the company said. The flaw affected the Meta-owned messenger app’s iOS and macOS versions, and could “trigger processing of content from an arbitrary URL on a target's device.”
