Author: Zeel_Cyberexpert
In recent years, the use of personal data in India has increased rapidly. From mobile apps and websites to banks and online services, companies collect and process large amounts of personal information every day. To regulate this and protect individuals, the Indian government introduced the Digital Personal Data Protection Act, 2023, commonly known as the DPDP Act. This law sets clear rules on how personal data must be handled and what responsibilities organizations have when dealing with user data. Why was the DPDP Act introduced? Before 2023, India did not have a dedicated data protection law. Data misuse, leaks, and…
On 20 January 2026, the Everest ransomware group publicly claimed that it had breached the internal systems of McDonald's India and exfiltrated approximately 861 GB of data. The claim was posted on the group's dark-web leak site, where Everest listed McDonald's India as a victim and threatened to release the stolen data if ransom demands were not met. Along with the claim, the attackers shared sample screenshots of files that they say were taken from the company's network. These samples reportedly include internal corporate documents, operational records, and files that may contain employee and customer-related information. At the time of…
Recent cybersecurity disclosures have brought attention to a data exposure incident involving Raaga, a popular Indian music streaming platform. According to publicly available breach reports and security research findings, personal information linked to millions of user accounts was found exposed through an unsecured data source, raising concerns about user privacy and platform security. The incident is being referred to as the Raaga data breach, based on the scale of exposed records and the sensitivity of the information involved. What Is Known About the Raaga Data Breach Security researchers reported discovering a database containing user-related records that appeared to be associated…
Recent security research has brought attention to a previously unknown access-control weakness affecting certain Cloudflare-protected environments. The issue involves a specific request handling path that, under limited conditions, could allow traffic to reach backend hosts even when strict security rules are in place. According to technical analysis shared by independent researchers, the behavior was linked to how Cloudflare processes requests associated with automated certificate validation and related system paths. In some configurations, these requests were handled differently from standard web traffic, creating an unexpected route that bypassed normal filtering logic. Importantly, this issue does not indicate a failure of Cloudflare's…
Microsoft is currently responding to a newly identified Windows zero-day vulnerability that security researchers have confirmed is being actively exploited in real-world attacks. The issue came to light after multiple incident reports showed attackers using the flaw before any official fix was publicly available, which by definition makes it a zero-day. According to the information shared by security researchers, the vulnerability affects a core Windows component that exists across multiple supported versions of the operating system. What makes this case serious is that exploitation was observed before disclosure, indicating that threat actors already had a working exploit while defenders were…
Beginner to Professional (Practical & Focused) The biggest problem in cybersecurity learning is not a lack of resources. It is a lack of direction. This roadmap is written to help students avoid wasting time, avoid learning unnecessary things, and focus only on what is actually required for real cybersecurity roles. One important truth to understand from the start: You do NOT need to learn everything in cybersecurity. Phase 1: Learn Only the Basics That Matter Time required: 1–2 months At the beginning, many students either rush too fast or go too deep into topics they don't need. Focus only on: You do…
Security researchers have reported a security risk in Google Vertex AI related to its default configuration. The issue allows users with low or read-level permissions to indirectly obtain high-privilege Service Agent access, which can impact enterprise cloud environments. The findings were disclosed by XM Cyber researchers and later reviewed by Google, which stated that the behavior aligns with the current design model. Researchers, however, demonstrated that this design can lead to real-world privilege escalation scenarios. Overview of the Issue Vertex AI uses Service Agents, which are Google-managed identities attached automatically to AI components for internal operations. These Service Agents are granted…
Cybersecurity researchers have uncovered a coordinated attack involving five malicious Google Chrome extensions that were falsely presented as tools related to enterprise platforms like Workday and NetSuite. These extensions were designed to silently take control of user accounts inside corporate environments. The extensions appeared legitimate on the surface but were actually created to steal active login sessions and block security response actions. Malicious Extensions Identified The following five Chrome extensions were confirmed as part of the same attack campaign: Most of these were published under different developer names, but security researchers confirmed they shared the same internal logic and backend…
A serious security flaw has been discovered in a popular WordPress plugin called Modular DS, and attackers are already abusing it to take control of websites. The vulnerability allows anyone on the internet to gain administrator access to a site without needing a username or password. Because of this, affected websites can be fully hijacked: content can be changed, malicious code can be inserted, users can be redirected to scam pages, and private data can be stolen. The issue exists in all versions of Modular DS up to version 2.5.1 and has been fixed in version 2.5.2. The plugin…
In late 2025, cybersecurity teams in Ukraine uncovered a highly targeted cyber-espionage campaign aimed at personnel connected to the country's defense sector. The operation relied on a previously unseen malware strain known as PLUGGYAPE and marked a shift in how attackers deliver malicious software: by abusing trusted messaging platforms rather than traditional email. The campaign ran quietly for several weeks before being detected, and it was specifically designed to blend into normal daily communication patterns, making it extremely difficult for victims to identify the attack. How the Attack Worked Instead of using obvious phishing emails, the attackers reached out…