Midnight Web by Rahul Banerjee

  After October 14, 2025, Microsoft will end all support for Windows 10, which means key features and updates will stop. Specifically, Windows 10 will no longer receive feature updates, security updates or patches, technical support, or bug fixes from Microsoft. Key Feature Support That Stops No more feature updates: Microsoft will not release new features or improvements for Windows 10. Security updates end: Regular security patches protecting from viruses and vulnerabilities will stop, making systems more exposed to risks. Bug fix updates stop: No further patches for non-security bugs will be issued. Technical support gone: Microsoft will no longer offer customer or technical support for issues related to Windows 10. Microsoft 365 support reduced: Support for Microsoft 365 Apps on Windows 10 will be affected, although your Office applications may continue to run but with limited or no support. What if my Windows 10 computer doesn't meet the requirements for Windows 11...

A major security vulnerability in India's income tax filing portal has been fixed, TechCrunch reported. The flaw, discovered by security researchers Akshay CS and "Viral" in September, allowed logged-in users to access real-time personal and financial information of other taxpayers. This included sensitive details such as full names, home addresses, email addresses, dates of birth, phone numbers and bank account information. Exposed Aadhaar numbers of individuals The security flaw in the income tax filing portal also exposed Aadhaar numbers, a unique government-issued identification number used for identity verification and accessing government services. TechCrunch verified the data by allowing researchers to search its records on the portal. The researchers confirmed on October 2 that the vulnerability had been patched. Discovery process Researchers found bug while filing tax returns The researchers found the security flaw while filing their recent income tax return on...

  WhatsApp the app that's become so much a part of our daily lives now that it's second nature to our thumbs. From group chats with family members to office messages that could very easily have been an email, WhatsApp is the undisputed monarch. With over 500 million users in India alone, it's a sure bet that it's the monarch of the messaging jungle. But, keep your encrypted data to yourself there's competition on the horizon: Arattai. Yes, you heard that right, an Indian-developed messaging app that is all ready to challenge WhatsApp and find its own place. Arattai, developed by Chennai company Zoho, is making headway as a domestic substitute for the likes of WhatsApp, Telegram, and the whole messaging fraternity. "Arattai" is indeed "casual chat" in Tamil. That relaxed, informal chat that doesn't have you questioning whether the government is tapping in. But, wait until we get all fired up about having a WhatsApp alternative, let's talk ...

  The Emergence of Digital Mobilization In spite of the ban, the protesters, who were mostly Generation Z, discovered ways to bypass the ban. They made use of VPNs and the limited platforms that were still available, such as TikTok, to mobilize and organize. The protests turned violent and claimed a huge number of lives very quickly, worsening public anger and prompting the Prime Minister's resignation.   Discord as a Digital Parliament In the wake of the political meltdown, a fresh, and surprising, chapter took place. The youth movement, rallying under the heading "Youth Against Corruption," made its way to Discord. This chat forum, initially infamous for its gaming forums, was the de facto "parliament" in which more than 145,000 members debated and voted on a new temporary leader. Following a series of emotive debates and surveys, they chose former Chief Justice Sushila Karki to head the government of transition. Her appointment, due to her standing ...

     The light from a dozen monitors reflected in Ramesh's weary eyes as he sagged in his chair. The Security Operations Centre was a constant storm of red alerts, each one a flash of digital lightning. "Analysts drown in alerts," he muttered to himself, the grim cliché of his profession. Today, the storm was a hurricane. A new threat had emerged a phantom, moving with the speed of a nation-state attack, leaving no clear trail for their traditional tools to follow. It wasn't just detection; it was a full-scale assault on critical infrastructure, a ransomware attack that was spreading like wildfire. Their systems flagged the initial breach, but every attempt at manual log correlation, every cross-reference, every deep dive into the dark web chatter was a dead end. The threat was faster and more unpredictable than ever, and ramesh and his team were reacting too late, always a step behind. This was the kind of crisis that demanded hours, even days, of tireless, manual...

  As someone who’s been following tech closely for over a decade, I’ve seen countless innovations come and go but few have stirred as much excitement and debate as ChatGPT. ChatGPT has developed, and launch ChatGPT 5, it genuinely seems that the enhancements have significantly slowed down. Previous iterations led to significant advancements in AI capabilities, particularly in assisting with coding. However, the enhancements now seem minor and somewhat gradual. It feels as though we’re experiencing diminishing returns in the extent to which these models improve at truly substituting real coding tasks. The vast majority of people say that AI is going to replace software engineers very soon. Yes, AI can perform simple activities and support routine activities, but where there are intricate things like planning the system, tackling more challenging problems, grasping actual business needs, and collaboration with others, it hasn't been able to catch up yet. T hese require creativity...

  OpenAI removed a controversial sharing option and began working to de-index exposed content. OpenAI has removed a controversial opt-in feature that had led to some private chats appearing in Google search results, following reporting by wired that found sensitive conversations were becoming publicly accessible. Earlier this week, wired   revealed that private ChatGPT conversations some involving highly sensitive topics like drug use and sexual health were unexpectedly showing up in Google search results. The issue appeared to stem from arguably vague language in the app’s “Share” feature, which included an option that may have misled users into making their chats publicly searchable. When users clicked “Share,” they were presented with an option to tick a box labeled “Make this chat discoverable.” Beneath that, in smaller, lighter text, was a caveat explaining that the chat could then appear in search engine results. Within hours of the backlash spreading on social media...

To get a Tatkal train ticket, which permits last-minute reservations, is frequently a race against time for millions of Indians. However, a sophisticated internet illicit market is progressively rigging this competition. According to an inquiry, organized organizations are taking advantage of weaknesses in the Indian Railway Catering and Tourism Corporation (IRCTC) system to make it extremely difficult for regular people to secure a confirmed seat. The Tools The speed at which these rackets operate is astonishing. They rely on advanced “bots” automated software programs like Dragon, JETX, Ocean, Black Turbo and Formula One are used, which specifically work to sell 'Tatkal Booking Bots'. These tools are designed to fill in all booking details, from login credentials and train information to passenger names and payment details, in less than a minute. This lightning-fast process overwhelms the IRCTC system, pushing genuine users out. To avoid being caught by IRCTC’s security s...

    A viral message is making the rounds on WhatsApp and social media in India, claiming to offer zero monthly fees and unlimited internet  via a device called   Starlink Mini.While the offer may sound tempting but it is completely misleading and has been flagged by the Indian government as unauthorized and false. Starlink Is Not Yet Operational in India As of June 2025 The satellite internet service by Elon Musk’s SpaceX has not launched its commercial operations in India. Although the company has received a Letter of Intent from the Department of Telecommunications (DoT), it still requires key regulatory approvals including: 1.Spectrum allocation 2.Clearance from IN-SPACE (Indian National Space Promotion and Authorization Centre) Until these approvals are granted, no official Starlink services including Starlink Mini are available in India. Once Starlink gets the green light to operate in India, here’s what consumers can realistically expect: Monthly ...

Naukri, a leading Indian jobs website, has patched a vulnerability that revealed the email IDs of recruiters posting jobs on its site to hunt for and recruit candidates online. The issue, discovered by security researcher Lohith Gowda, affected the API that Naukri used on its Android and iOS apps. The API exposed the email addresses of recruiters visiting profiles of potential candidates on Naukri’s platform. The issue did not appear to affect the company’s website. The exposed recruiter email IDs can be used for targeted phishing attacks, and recruiters may receive excessive unsolicited emails and spam,” Gowda told TechCrunch. He stated that open email IDs could be included in public breach databases or spam lists, and bulk scraping of email addresses can result in automated bot abuse or scams. TechCrunch confirmed the exposure after Gowda made disclosures regarding the bug. The researcher confirmed to TechCrunch that the bug was remediated earlier this week, which Naukri seco...

  Procolored, a Chinese printer manufacturer, has been sending infecting its customers with backdoors, infostealers, and cryptocurrency stealers - for six months. This information comes from cybersecurity researchers at G Data, who were alerted to the supply chain attack by a technical author and content creator, Cameron Coward. Apparently, Coward wanted to review one of Procolored’s printers. After attempting to install the accompanying software from a USB stick, he was alerted to the presence of the Floxif worm. He reached out to the company who dismissed the warning as a false positive. Unsatisfied with this response, Coward turned to Reddit, where his thread was picked up by G Data‘s cyber security researchers. G Data, however, discovered that 39 software downloads, hosted on mega.nz and last updated in October 2024, had been infected with two malware families, namely an information stealer and a backdoor. 1.Win32.Backdoor.XRedRAT.A 2.MSIL.Trojan-Stealer.CoinStealer.H ...

Seven Advanced Persistent Threat (APT) groups associated with Pakistan attempted to infiltrate Indian infrastructure, resulting in a staggering 99.99% failure rate despite launching over 1.5 million cyberattacks. Identified by Maharashtra Cyber, these groups employed various tactics including malware, DDoS attacks, GPS spoofing, and misinformation campaigns, with only 150 attacks achieving success and causing negligible disruption. 1.         APT36 (Transparent Tribe): Known for cyber espionage since 2013, it targets Indian defense and government sectors using CrimsonRAT malware via spear-phishing. 2.        Pakistan Cyber Force: Claimed breaches of Military Engineering Services and Manohar Parrikar Institute, and defaced Armoured Vehicle Nigam Limited’s website with Pakistan’s flag. 3.        Team Insane PK: Targeted Indian Army websites, like the Army College of Nursing, with provocative messaging. ...

Meta introduced Private Processing, an optional new feature aimed at allowing WhatsApp users to process messages with AI in a private, secure cloud environment. Meta stated this means that neither WhatsApp nor Meta any third party is able to access the messages, preserving end-to-end encryption. The news emphasized how AI has redefined technology engagement through the automation of activities and insights on data. However, traditional AI processing, which relies on server-based large language models, often requires providers to see user requests. This can challenge privacy, especially for sensitive messages. Meta stated that the Private Processing tackles this issue by supporting AI functions, such as summarizing messages or offering writing assistance, while upholding WhatsApp’s commitment to privacy. Meta defined three guiding principles for Private Processing: Optionality: Utilizing AI features, including Private Processing, is completely optional. Transparency: The fir...

After the recent terror attack at Pahalgam, Pakistani hacking groups have reportedly launched synchronized cyber attacks against Indian websites. At least four websites were hacked, including the official website of Army College of Nursing at Punjab, reports said. While the other three locations remain to be discovered, the hack serves to highlight persistent cyber hostility between India and Pakistan a virtual front line that often simmers in the aftermath of geopolitical crises. Attack Overview and Attribution Cybersecurity specialists are of the view that the Pakistan Cyber Army (PCA) is most probably behind the attacks, but other state-backed entities such as Transparent Tribe (APT36) and SideCopy are also active in this sphere. All these entities have generally employed phishing operations, server misconfiguration, and web app vulnerabilities to compromise Indian cyber infrastructure. Likely Tactics and Tools Although formal technical disclosures are yet to be published ...

                                                          This team was trained by the Indian Institute of Technology (IIT) Madras through its Pravartak Technologies Foundation. Training the first group of Cyber Commandos is a big move for India to boost its cyber security. The Union Ministry of Home Affairs has started this program to make the country's cyber defense stronger. The Cyber Commandos are a special team that will actively work to stop cyberattacks, protect important data, and maintain control over the digital space in India. Unlike existing units that only react to cyber crimes, the Cyber Commandos will work to prevent them. This initiative aims to provide law enforcement officers with advanced skills in handling cyber challenges. The training is tough, enabling both state and central police officers to become experts. These office...

  Big news recently broke in the email security space: Google has finally made it simple for Gmail business users to send encrypted emails to anyone on any device. That is correct, people, there are no longer any cumbersome certificate needs or business difficulties. When you write an email in Gmail and enable the additional encryption option, it will automatically decrypt it if the recipient is another Gmail user with an Enterprise or personal account. However, for recipients who use non-Gmail email clients or Google's mobile app, they will receive a link to sign in and view their encrypted email in a restricted version of Gmail. Additionally, for those who have set up on their accounts, Gmail will send the email via S/MIME configured, as it does now. This new feature is part of Google Workspace and is a game Cher for businesses looking to protect their sensitive data. What this means for you is that companies can now send fully encrypted emails to anybody without worrying about s...

Chapter 1: The Hidden Dangers of Always-On Connections Stop and ask yourself: Is your Wi-Fi always on? How about Bluetooth? If so, you might be unintentionally broadcasting your personal data to anyone curious enough to listen including that neighbor next door who might have a secret passion for hacking. Sure, it's convenient to stay connected 24/7, but there’s a darker side. Leaving these antennas active exposes your location, identity, and a treasure trove of details hackers can exploit. Whether you're an aspiring hacker eager to show off your sniffing skills or just an everyday user who wants a stress-free connection, it’s crucial to understand how Wi-Fi and Bluetooth work behind the scenes. As long as your phone is shouting “Connect with me!” to every Starbucks router or passing Bluetooth device, you're handing out free samples of your digital footprint. Let’s dive in and see how this seemingly harmless convenience comes with hidden risks. Chapter 2: Wi-Fi A Hidden ...

  In the ever-evolving world of artificial intelligence, Grok 3 is quickly making waves both for its cutting-edge capabilities and its shocking, unfiltered personality. Developed by Elon Musk’s xAI, Grok 3 is an AI chatbot that has taken the internet by storm, especially among regular X (formerly Twitter) users in India. Known for its snarky responses, irreverent tone, and ability to learn from the unpredictable and sometimes profane language of users, Grok 3 is far from your average chatbot. Launched in February 2025, Grok 3 is a powerhouse of computational prowess, utilizing 12.8 trillion tokens to deliver responses that range from wildly intelligent to oddly rebellious. It’s trained with data from a variety of sources everything from legal filings to X posts giving it a diverse range of knowledge and a unique ability to engage in conversation that feels real, yet sometimes, unsettlingly raw. But it’s not just Grok 3’s wealth of knowledge that’s making headlines. The chatbot ...

  YouTube has warned that scammers are using fake videos made by AI, showing YouTube's CEO, to trick people into giving away their account details. The scammers are sending these videos in emails that seem to say YouTube is changing its rules about making money on the platform. The emails include a link to a private video that looks like it's from YouTube. YouTube says in a post that it will never send you private videos or ask for information this way. If you get a private video claiming to be from YouTube, it's a scam. The phishing emails also warn you that YouTube won't contact you through private videos. The email tells you to report the sender if you think the email looks fake. The fake video in the email asks you to click a link. This link takes you to a fake page that looks like YouTube, where it asks you to log in to "confirm new rules." But the page is actually designed to steal your login details. Technical details of the phishing attack invo...

  The Illusion of VPN Encryption Many people believe that VPN encryption is a solid shield against prying eyes. However, for 99% of internet users, this encryption doesn’t add much protection. Most websites and apps already encrypt connections using HTTPS or TLS protocols, which provide strong protection without the need for a VPN. VPN encryption simply adds another layer that, in many cases, is redundant. Even worse, you have to trust your VPN provider to keep your data safe. If they are logging your activity (and most do), they can see everything you do online. Not just them any server they use could potentially access your data, too. And you have no way of auditing their practices or ensuring they are living up to their privacy claims. You essentially trust a middleman with your sensitive data, and that’s never a good idea. VPNs Were Never Designed for Consumer Privacy It’s important to understand the origin of VPNs. They were primarily designed for businesses to securely connec...

  What is Android System SafetyCore? Android System SafetyCore is an app automatically installed by Google on Android devices as part of their security and child protection updates introduced in October 2024. Its primary function is to scan and categorize content on your phone, helping users avoid undesirable material. It requires at least 2GB of RAM and Android 9 or newer to run, and is also compatible with Android Go devices. You won’t find it in your app drawer, as it only appears in the system app list. SafetyCore reportedly scans images and videos locally to flag inappropriate content, but Google clarifies that it only scans images shared through the Messages app. Should You Be Concerned About SafetyCore? Despite Google’s assurances that all scanning is done locally with no data sent off your device, the app's sudden, unannounced appearance and its deep system access have raised concerns. It feels intrusive, as users weren’t given a clear heads-up, and many wonder why it...