The present and future of security for the Model Context Protocol.
The widespread use of AI, particularly generative AI, in modern businesses creates new network security risks for complex enterprise workloads across various locations.
Earlier this year SpiderLabs observed an increase in mass scanning, credential brute forcing, and exploitation attempts originating from Proton66 ASN targeting organizations worldwide that we are...
A set of 57 Chrome extensions with 6,000,000 users have been discovered with very risky capabilities, such as monitoring browsing behavior, accessing cookies for domains, and potentially executing...
MetaTrader is a key tool for traders, offering a comprehensive platform that supports various financial instruments. Understanding its…
An analysis from iVerify found U.S. allies on the list where mobile providers employ China-based networks. The post 35 countries use Chinese networks for transporting mobile user traffic, posing...
An analysis from iVerify found U.S. allies on the list where mobile providers employ China-based networks. The post 35 countries use Chinese networks for transporting mobile user traffic, posing...
Modern SOC teams dealing with Splunk Detections need to process large volumes of detection logic written in SPL. The challenge? Much of it is complex, verbose, and time-consuming to...
A critical vulnerability in the widely used Gladinet CentreStack and Triofox enterprise file sharing and remote access platforms has surfaced — and it’s already under active exploitation. At least...
A critical vulnerability in the widely used Gladinet CentreStack and Triofox enterprise file sharing and remote access platforms has surfaced — and it’s already under active exploitation. At least...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited...
Food retail giant Ahold Delhaize confirms that data was stolen from its U.S. business systems during a November 2024 cyberattack. [...]
Massive Blue is helping cops deploy AI-powered social media bots to talk to people they suspect are anything from violent sex criminals all the way to vaguely defined “protesters.”
In a creative twist on traditional panel discussions, Industrial Cyber hosted a lively and engaging webinar on the... The post Industrial Cybersecurity in 2025: Insights from a Live Game...
Thousands tricked by fake reward & toll scam texts. CTM360 exposes PointyPhish & TollShark—SMS phishing campaigns powered by the Darcula PhaaS platform, with 5K+ domains stealing payment info...
Cisco Talos observed the ongoing global spread of the XorDDoS malware, predominantly targeting the United States, with evidence suggesting Chinese-speaking operators are using sophisticated tools...
IBM warns of infostealer surge as attackers automate credential theft and adopt AI to generate highly convincing phishing emails en masse
The number of infostealers sent through phishing emails jumped by 84% last year. IBM X-Force offers these recommendations for defending yourself from all manner of malware.
Microsoft has reminded customers that Office 2016 and Office 2019 will reach the end of extended support six months from now, on October 14, 2025. [...]
Apple's iOS 18.4.1 update fixes a bug with wireless CarPlay and resolves two security holes already exploited in targeted attacks.
Microsoft has blocked fraud worth $4bn as threat actors ramp up AI use
Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under active exploitation in the wild. The...
Cybercriminals lure content creators with promises of cutting-edge AI wizardry, only to attempt to steal their data or hijack their devices instead
MITRE will be able to keep running the CVE program for at least the next 11 months
Sophos found that compromise of network edge devices, such as VPN appliances, accounted for 30% of incidents impacted SMBs in 2024
MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.
A UK Law firm has been fined £60,000 after data stolen during a 2022 cyber-attack was published on the dark web
On Wednesday, CISA warned of heightened breach risks after the compromise of legacy Oracle Cloud servers earlier this year and highlighted the significant threat to enterprise networks. [...]
2025-04-16 • Sekoia • Sekoia TDR • elf.interlock, win.interlock Open article on Malpedia
Microsoft has released emergency Windows Server updates to address a known issue preventing Windows containers from launching. [...]