Author: Cybernoz
![[tl;dr sec] #275 - Damn Vulnerable MCP, Figma's Modern Endpoint Strategy, BloodHound for AWS IAM](https://image.cybernoz.com/wp-content/uploads/2025/04/tldr-sec-275-Damn-Vulnerable-MCP-Figmas-Modern-Endpoint.png "[tl;dr sec] #275 – Damn Vulnerable MCP, Figma’s Modern Endpoint Strategy, BloodHound for AWS IAM")
Deliberately vulnerable MCP to practice your hacking chops, how Figma’s balances usability & security, a new tool to put a…
Food retail giant Ahold Delhaize confirms that data was stolen from its U.S. business systems during a November 2024 cyberattack. “Based…
A sophisticated cyberespionage campaign leveraging malicious Microsoft Management Console (MMC) scripts to deploy the stealthy MysterySnail remote access trojan (RAT). …
By Gary Miliefsky, Publisher, Cyber Defense Magazine Good news comes to us like a Windows patch Tuesday: Common Vulnerabilities and…
Discord is facing a new lawsuit from the state of New Jersey, which claims that the chat app is engaged…
Cybercriminals are exploiting the trust in e-gift cards and the prestige of Amazon to steal Microsoft credentials from unsuspecting employees….
Researchers reveal a large-scale ransomware campaign leveraging over 1,200 stolen AWS access keys to encrypt S3 buckets. Learn how attackers…
(cleaning out some notes I had jotted down. Now I’m putting them here instead) Religion needs to die because people…
The Cybersecurity and Infrastructure Security Agency on Wednesday said organizations and individuals should take steps to protect their environments from…
China has announced a significant step forward in its partnership with Russia, with plans to expand their cooperation in the…
Cyber security remained the most pressing challenge facing those in supply chain management roles during the first three months of…
Node.js malvertising campaign targets crypto users Pierluigi Paganini April 17, 2025 Microsoft warns of a malvertising campaign using Node.js to…