🇮🇳 Sakura Samurai 桜の侍 (sakurasamurai.org) hacked the Indian Government & found a ton of Critical Vulnerabilities.

Governments have an obligation to protect the private data of its employees and citizens. In addition, the exposure of proprietary government data can be used for great means of manipulation and for other destructive purposes. While the NCIIPC operates a Responsible Vulnerability Disclosure Program, the recklessness and avoidance of communication represents the complete opposite of a responsible program. A failure to release notification of breach to affected citizens and to patch highly-critical vulnerabilities in a timely manner reflects poorly on the state of their Information Security posture.

Sakura Samurai urge the NCIIPC to patch the remainder of the vulnerabilities. The criticality of some of the issues cannot wait weeks or months for adequate resolution.

https://johnjhacking.com/blog/indian-government-breached-massive-amount-of-critical-vulnerabilities/