Critical Emby Server Vulnerability Let Attackers Gain Admin Access
09
Dec
2025

Critical Emby Server Vulnerability Let Attackers Gain Admin Access

A critical vulnerability has been discovered in Emby Server that allows unauthenticated attackers to gain full administrative access to affected…

Malicious VS Code on Microsoft Registry Steals WiFi Passwords and Captures Screens
09
Dec
2025

Malicious VS Code on Microsoft Registry Steals WiFi Passwords and Captures Screens

Security researchers at Koi Security have uncovered a sophisticated malware campaign targeting developers through the Visual Studio Code Marketplace. The…

A set of hands types onto a laptop keyboard, viewed from above. The words "Prompt" and "Generate" appear at the top of the image.
09
Dec
2025

Prompt injection is a problem that may never be fixed, warns NCSC

Prompt injection is shaping up to be one of the most stubborn problems in AI security, and the UK’s National…

Digital sovereignty about outcomes, not theoretical ideals
09
Dec
2025

Digital sovereignty about outcomes, not theoretical ideals

The conversation around digital sovereignty is gaining momentum worldwide. In today’s climate of geopolitical uncertainty and technological competition, it is…

Exploiting Logic Flaws: Advanced Exploitation Guide
09
Dec
2025

Exploiting Logic Flaws: Advanced Exploitation Guide

It’s no secret that complexity is the biggest rival of safe applications. As web apps become more sophisticated, they create…

New Prompt Injection Attack via Malicious MCP Servers Let Attackers Drain Resources
09
Dec
2025

New Prompt Injection Attack via Malicious MCP Servers Let Attackers Drain Resources

Security researchers have uncovered critical vulnerabilities in the Model Context Protocol (MCP) sampling feature. Revealing how malicious servers can exploit…

New Vishing Attack Exploits Microsoft Teams and QuickAssist to Deploy .NET Malware
09
Dec
2025

New Vishing Attack Exploits Microsoft Teams and QuickAssist to Deploy .NET Malware

A sophisticated vishing campaign has emerged that combines social engineering with legitimate Microsoft tools to establish command execution chains leading…

Global Costs of Software Supply Chain Attacks On The Rise
09
Dec
2025

Global Costs of Software Supply Chain Attacks On The Rise

09 Dec Global Costs of Software Supply Chain Attacks On The Rise Posted at 08:33h in Blogs by Taylor Fox…

New Black Kite module offers product-level insight into software supply chain vulnerabilities
09
Dec
2025

New Black Kite module offers product-level insight into software supply chain vulnerabilities

Black Kite released its new Product Analysis module, which allows security teams to evaluate the risks of third-party software products…

Elon Musk and X
09
Dec
2025

EU fines X $140m, tied to verification rules that make impostor scams easier

The European Commission slapped social networking company X with a €120 million ($140 million) fine last week for what it…

Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats
09
Dec
2025

Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats

Google on Monday announced a set of new security features in Chrome, following the company’s addition of agentic artificial intelligence…

Google Announces 10 New AI Features for Google Chrome Powered by Gemini
09
Dec
2025

Google Announces 10 New AI Features for Google Chrome Powered by Gemini

Google has unveiled the most significant upgrade to Chrome in its history, integrating advanced AI capabilities powered by Gemini to…