MCPs are just other people’s prompts and other people’s APIs
I’ve been thinking about Model Context Protocols (MCPs) for months, and here’s the simplest way to explain what they actually are: MCPs are other people’s…
Author: Cybernoz
Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks
Hackers breached sales automation platform Salesloft to steal OAuth and refresh tokens from its Drift chat agent integration with Salesforce to pivot to customer environments…
CISA Adds Citrix Vulnerabilities To KEV As New Flaws Emerge
The U.S. Cybersecurity and Information Security Agency (CISA) has added two Citrix vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog just as new Citrix vulnerabilities…
New Attack Targeting ScreenConnect Cloud Administrators to Steal Login Credentials
A sophisticated credential harvesting campaign has emerged targeting ScreenConnect cloud administrators with spear phishing attacks designed to steal super administrator credentials. The ongoing operation, designated…
China-Based Threat Actor Mustang Panda’s TTPs Leaked
A significant milestone for cybersecurity experts is the disclosure of specific tactics, methods, and procedures (TTPs) used by Mustang Panda, an advanced persistent threat (APT)…
New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station
Aug 26, 2025Ravie LakshmananVulnerability / Mobile Security A team of academics has devised a novel attack that can be used to downgrade a 5G connection…
First AI Ransomware ‘PromptLock’ Uses OpenAI gpt-oss-20b Model for Encryption
A new ransomware has been identified, which is believed to be the first-ever ransomware strain that leverages a local AI model to generate its malicious…
Black Hat Ignites Under Vegas Lights
Driving through the quiet, endless beauty of the Nevada desert, I let the raspy voice of Jim Morrison carry me forward. “The End” played as…
Securden Unified PAM Flaw Allows Attackers to Bypass Authentication
Securden Unified PAM is a comprehensive privileged access management platform that is used to store, manage, and monitor credentials across human, machine, and AI identities…
Okta makes AI identity play with Axiom acquisition
Identity technology supplier Okta is to acquire Axiom Security, a supplier of privileged access management (PAM) for cloud, database, software-as-a-service (SaaS) and other critical resources,…
Court ruling in Epic-Google fight could have ‘catastrophic’ cyber consequences, former gov’t officials say
A court injunction in the long fight between Fortnite publisher Epic Games and Google could have “catastrophic results for the nation’s security” and “risks creating…
Nevada closes state offices as cyberattack disrupts IT systems
Nevada remains two days into a cyberattack that began early Sunday, disrupting government websites, phone systems, and online platforms, and forcing all state offices to…