One-click MCP servers with Cloudflare
Cloudflare simplifying MCP deployment (click for full size) One thing I’ve never liked about the whole MCP thing is the fact that you have to…
Month: August 2025
New ZipLine Campaign Attacks Critical Manufacturing Companies to Deploy In-memory Malware MixShell
In recent weeks, a sophisticated phishing operation known as the ZipLine campaign has targeted U.S.-based manufacturing firms, leveraging supply-chain criticality and legitimate-seeming business communications to…
CISA Issues New ICS Advisories on Critical Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) released three Industrial Control Systems (ICS) advisories on August 26, 2025, detailing nine critical vulnerabilities in INVT VT-Designer…
Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data
Aug 27, 2025Ravie LakshmananCloud Security / Threat Intelligence A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth…
ESET warns of PromptLock, the first AI-driven ransomware
ESET warns of PromptLock, the first AI-driven ransomware Pierluigi Paganini August 27, 2025 ESET found PromptLock, the first AI-driven ransomware, using OpenAI’s gpt-oss:20b via Ollama…
Most AI Interaction Will Go Through Your DA
The stages of technological evolution (click for full size) A long time ago, I wrote about how things tend to start off as ideas, then…
What to expect after going public with a bug bounty program?
You asked, and we answered. At Intigriti, we’ve been paying close attention to the questions most frequently asked by those with a bug bounty program…
DOGE Accused of Creating Live Copy of the Country’s Social Security Information in Unsecured Cloud Environment
A whistleblower disclosure filed today alleges that the Department of Government Efficiency (DOGE) within the Social Security Administration (SSA) covertly created a live copy of…
Massive WordPress Site Compromise Used to Execute Malicious Commands on Victims
A large-scale cybercrime conspiracy known as ShadowCaptcha was made public by cybersecurity researchers at Israel’s National Digital Agency. This campaign exploits the ClickFix technique, deploying…
Is Opencode as Smart as Claude Code?
The battle of the AI coding assistants (click for full size) I want to answer the question of how good OpenCode is compared to Claude…
“The entire internet is broken”: ethical hacking expert John Hammond meets James Kettle | Blog
Amelia Coen | 27 August 2025 at 09:11 UTC In a brand-new collaboration between ethical hacking and AppSec expert John Hammond and world-renowned security researcher…
New Cephalus Ransomware Leverages Remote Desktop Protocol to Gain Initial Access
A newly identified ransomware strain named Cephalus has emerged as a sophisticated threat, targeting organizations through compromised Remote Desktop Protocol (RDP) connections. The malware, which…