‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks
Model Context Protocol (MCP) has been a boon to agentic AI users and is widely used and trusted locally by companies adopting agentic AI internally. …
Category: SecurityWeek
Capsule Security Emerges From Stealth With $7 Million in Funding
Capsule Security, an Israeli startup aiming to add a security layer to agentic AI, today emerged from stealth mode with $7 million in seed funding.…
Exploited Vulnerability Exposes Nginx Servers to Hacking
A critical Nginx UI vulnerability that allows attackers to take full control of servers has been exploited in the wild. Nginx UI (nginx-ui) is a…
Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure
Sweden said Wednesday that a pro-Russian group with links to Russia’s security and intelligence services was behind a cyberattack on a heating plant last year.…
100 Chrome Extensions Steal User Data, Create Backdoor
Over 20,000 users installed malicious Chrome extensions designed to provide a backdoor, steal information, or inject ads, cybersecurity firm Socket reports. The nefarious extensions have…
ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories
Industrial giants Siemens, Schneider Electric, Aveva, Rockwell Automation, ABB, Phoenix Contact, Mitsubishi Electric, and Moxa have published new ICS security advisories since the previous Patch…
Europe’s Largest Gym Chain Says Data Breach Impacts 1 Million Members
Basic-Fit, Europe’s largest gym and fitness chain, has disclosed a data breach affecting the personal information of roughly 1 million members. In a press release…
Adobe Patches 55 Vulnerabilities Across 11 Products
Adobe’s latest Patch Tuesday updates fix 55 vulnerabilities across 11 of the company’s products. Nearly all of the 11 new advisories have a priority rating…
Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities
Microsoft’s latest Patch Tuesday updates fix 165 vulnerabilities, including a SharePoint zero-day that has been exploited in the wild. The exploited SharePoint Server vulnerability is…
‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats
We need to talk about Mythos, the recently announced AI model from Anthropic that has the industry panicking about the powerful technology’s ability to supercharge…
CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads
The CPUID website, popular in the PC hardware community, was recently hacked and altered to deliver malicious versions of CPU-Z, HWMonitor, and PerfMonitor. CPU-Z, HWMonitor,…
International Operation Targets Multimillion-Dollar Crypto Theft Schemes
An international operation involving law enforcement agencies from the United States, the United Kingdom, and Canada has targeted multimillion-dollar cryptocurrency theft schemes. Dubbed Operation Atlantic,…