Midnight Web by Rahul Banerjee

    A viral message is making the rounds on WhatsApp and social media in India, claiming to offer zero monthly fees and unlimited internet  via a device called   Starlink Mini.While the offer may sound tempting but it is completely misleading and has been flagged by the Indian government as unauthorized and false. Starlink Is Not Yet Operational in India As of June 2025 The satellite internet service by Elon Musk’s SpaceX has not launched its commercial operations in India. Although the company has received a Letter of Intent from the Department of Telecommunications (DoT), it still requires key regulatory approvals including: 1.Spectrum allocation 2.Clearance from IN-SPACE (Indian National Space Promotion and Authorization Centre) Until these approvals are granted, no official Starlink services including Starlink Mini are available in India. Once Starlink gets the green light to operate in India, here’s what consumers can realistically expect: Monthly ...

Naukri, a leading Indian jobs website, has patched a vulnerability that revealed the email IDs of recruiters posting jobs on its site to hunt for and recruit candidates online. The issue, discovered by security researcher Lohith Gowda, affected the API that Naukri used on its Android and iOS apps. The API exposed the email addresses of recruiters visiting profiles of potential candidates on Naukri’s platform. The issue did not appear to affect the company’s website. The exposed recruiter email IDs can be used for targeted phishing attacks, and recruiters may receive excessive unsolicited emails and spam,” Gowda told TechCrunch. He stated that open email IDs could be included in public breach databases or spam lists, and bulk scraping of email addresses can result in automated bot abuse or scams. TechCrunch confirmed the exposure after Gowda made disclosures regarding the bug. The researcher confirmed to TechCrunch that the bug was remediated earlier this week, which Naukri seco...

  Procolored, a Chinese printer manufacturer, has been sending infecting its customers with backdoors, infostealers, and cryptocurrency stealers - for six months. This information comes from cybersecurity researchers at G Data, who were alerted to the supply chain attack by a technical author and content creator, Cameron Coward. Apparently, Coward wanted to review one of Procolored’s printers. After attempting to install the accompanying software from a USB stick, he was alerted to the presence of the Floxif worm. He reached out to the company who dismissed the warning as a false positive. Unsatisfied with this response, Coward turned to Reddit, where his thread was picked up by G Data‘s cyber security researchers. G Data, however, discovered that 39 software downloads, hosted on mega.nz and last updated in October 2024, had been infected with two malware families, namely an information stealer and a backdoor. 1.Win32.Backdoor.XRedRAT.A 2.MSIL.Trojan-Stealer.CoinStealer.H ...

Seven Advanced Persistent Threat (APT) groups associated with Pakistan attempted to infiltrate Indian infrastructure, resulting in a staggering 99.99% failure rate despite launching over 1.5 million cyberattacks. Identified by Maharashtra Cyber, these groups employed various tactics including malware, DDoS attacks, GPS spoofing, and misinformation campaigns, with only 150 attacks achieving success and causing negligible disruption. 1.         APT36 (Transparent Tribe): Known for cyber espionage since 2013, it targets Indian defense and government sectors using CrimsonRAT malware via spear-phishing. 2.        Pakistan Cyber Force: Claimed breaches of Military Engineering Services and Manohar Parrikar Institute, and defaced Armoured Vehicle Nigam Limited’s website with Pakistan’s flag. 3.        Team Insane PK: Targeted Indian Army websites, like the Army College of Nursing, with provocative messaging. ...

Meta introduced Private Processing, an optional new feature aimed at allowing WhatsApp users to process messages with AI in a private, secure cloud environment. Meta stated this means that neither WhatsApp nor Meta any third party is able to access the messages, preserving end-to-end encryption. The news emphasized how AI has redefined technology engagement through the automation of activities and insights on data. However, traditional AI processing, which relies on server-based large language models, often requires providers to see user requests. This can challenge privacy, especially for sensitive messages. Meta stated that the Private Processing tackles this issue by supporting AI functions, such as summarizing messages or offering writing assistance, while upholding WhatsApp’s commitment to privacy. Meta defined three guiding principles for Private Processing: Optionality: Utilizing AI features, including Private Processing, is completely optional. Transparency: The fir...

After the recent terror attack at Pahalgam, Pakistani hacking groups have reportedly launched synchronized cyber attacks against Indian websites. At least four websites were hacked, including the official website of Army College of Nursing at Punjab, reports said. While the other three locations remain to be discovered, the hack serves to highlight persistent cyber hostility between India and Pakistan a virtual front line that often simmers in the aftermath of geopolitical crises. Attack Overview and Attribution Cybersecurity specialists are of the view that the Pakistan Cyber Army (PCA) is most probably behind the attacks, but other state-backed entities such as Transparent Tribe (APT36) and SideCopy are also active in this sphere. All these entities have generally employed phishing operations, server misconfiguration, and web app vulnerabilities to compromise Indian cyber infrastructure. Likely Tactics and Tools Although formal technical disclosures are yet to be published ...