Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited
MCP has become an integral part of the expansion of agentic AI but comes with its own vulnerabilities. Model Context...
Read more →News Archive
View All →
$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations
$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations Pierluigi Paganini September 23, 2025 Researchers earned $150K for “L1TF...
Read more →
NPM package caught using QR Code to fetch cookie-stealing malware
Newly discovered npm package ‘fezbox’ employs QR codes to retrieve cookie-stealing malware from the threat actor’s server. The package, masquerading as a...
Read more →
GitHub Enhances NPM’s Security with Strict Authentication, Granular Tokens, and Trusted Publishing
Recent High-profile supply‐chain attacks have exposed critical weaknesses in package registry security, prompting GitHub to roll out a suite of...
Read more →
Beware of Fake Online Speedtest Apps with Hidden JavaScript Code
These fake online speedtest applications prey on users seeking to measure their internet performance, yet they harbor hidden payloads that...
Read more →
Hackers Hijacking IIS Servers Using Malicious BadIIS Module to Serve Malicious Content
A sophisticated cyber campaign, dubbed “Operation Rewrite,” is actively hijacking Microsoft Internet Information Services (IIS) web servers to serve malicious...
Read more →
Russia Leveraging Cyber-Attacks as a Strategic Weapon Against Key Industries in Major Nations
In 2024, as the Russia-Ukraine war prolongs and military and economic cooperation between North Korea and Russia deepens, cyberspace has...
Read more →
How Major SOCs Achieve Early Threat Detection in 3 Steps
Every SOC leader understands that faster threat detection is better. But the difference between knowing it and building a system...
Read more →
Scammers are impersonating the FBI to steal your personal data
Been scammed? Hoping to report it to the FBI? Definitely do so, but be careful. Spoofed versions of the FBI’s...
Read more →
GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security
Sep 23, 2025Ravie LakshmananSupply Chain Attack / Malware GitHub on Monday announced that it will be changing its authentication and...
Read more →
EU to shut door on Big Tech in financial data sharing
Big Tech firms are set to be excluded from access to a European Union (EU)-wide financial data-sharing initiative, in a...
Read more →
Scattered Spider Suspect Arrested in US
A juvenile suspected of being involved in cyberattacks against multiple Las Vegas casinos was arrested last week, the Las Vegas...
Read more →