SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats

A European embassy located in the Indian capital of New Delhi, as well as multiple organizations in Sri Lanka, Pakistan, and Bangladesh, have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder in September 2025. The activity "reveals a notable evolution in...

bioschool.iitd.ac.in Improper Access Control vulnerability OBB-3953629

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

blog.delhiheritagewalks.com Cross Site Scripting vulnerability OBB-3770116

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

zipnet.delhipolice.gov.in Cross Site Scripting vulnerability OBB-3258151

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

transport.delhi.gov.in Cross Site Scripting vulnerability OBB-3128231

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

The Low Threshold for Face Recognition in New Delhi

Police in India's capital say they only require an 80 percent accuracy rate for matches, raising new alarm bells for civil liberty advocates...

civil.iitd.ac.in Cross Site Scripting vulnerability OBB-2441174

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

delhimetrorail.info Cross Site Scripting vulnerability OBB-2361879

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

orderonline.delhiclub.com.au Cross Site Scripting vulnerability OBB-2358991

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

zipnet.delhipolice.gov.in Cross Site Scripting vulnerability OBB-2164552

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Indian call center seized over Amazon hacking scam against US citizens

By Deeba Ahmed The call center ran a fake Amazon technical support call center in South Delhi - Now, 26 of its "employees" have been arrested. This is a post from HackRead.com Read the original post: Indian call center seized over Amazon hacking scam against US citizens...

delhiwoodfurniture.com Cross Site Scripting vulnerability OBB-1430133

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

ucmasdelhi.com Cross Site Scripting vulnerability OBB-1218335

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Urban Company: Private ip leaking through response

Name of Vulnerability: Information desclosure User Details: +91 ████ Summary: Private ip addresses are leaking through response in urban clap. Description: Hi team. During my research i found some IP address from the response.After finding the origin of the ip i found that these ip addresses are...

Almost Half A Million Delhi Citizens' Personal Data Exposed Online

Exclusive — A security researcher has identified an unsecured server that was leaking detailed personal details of nearly half a million Indian citizens... thanks to another MongoDB database instance that company left unprotected on the Internet accessible to anyone without password. In a report...

Almost Half A Million Delhi Citizens' Personal Data Exposed Online

Exclusive — A security researcher has identified an unsecured server that was leaking detailed personal details of nearly half a million Indian citizens... thanks to another MongoDB database instance that company left unprotected on the Internet accessible to anyone without password. In a report...

delhi.k12.ca.us XSS vulnerability

Open Bug Bounty ID: OBB-715350 Description| Value ---|--- Affected Website:| delhi.k12.ca.us Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden...

brevistay.com XSS vulnerability

Open Bug Bounty ID: OBB-281612 Description| Value ---|--- Affected Website:| brevistay.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

firstdial.in XSS vulnerability

Open Bug Bounty ID: OBB-222004 Description| Value ---|--- Affected Website:| firstdial.in Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Germany Orders Facebook to Stop Collecting Data on WhatsApp Users

A German privacy regulator issued an order this week prohibiting Facebook from collecting user data on German WhatsApp users, calling the company’s actions misleading and in violation of the nation’s data protection law. The move comes a few weeks after a recent WhatsApp policy change that said t...