Malicious repositories and disguised symlinks can trick AI coding agents into silently installing attacker-controlled MCP servers capable of stealing secrets, compromising CI pipelines, and deploying malicious code.
The post ‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery Systems appeared first on SecurityWeek.
Security firms took down all four command-and-control (C&C) channels used by the GlassWorm malware.
The post GlassWorm Botnet Disrupted appeared first on SecurityWeek.
The attack was claimed by a hacktivist group, but evidence showed it used infrastructure linked to Iranian government threat actors.
The post LA Metro Cyberattack Linked to Iranian State-Sponsored Hackers appeared first on SecurityWeek.
The FBI has issued an alert warning of Silent Ransom Group attacks targeting law firms.
The post FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data appeared first on SecurityWeek.
Resolved last week, the vulnerability was exploited in the wild as a zero-day to execute scripts with root privileges.
The post CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day appeared first on SecurityWeek.
Nimbus Manticore has continued its operations during and after the US military campaign against Iran.
The post Iranian APT Targets Aviation, Software Companies With Updated Tools appeared first on SecurityWeek.
The allegedly stolen information leaked by ShinyHunters contains email addresses, names, addresses, and dates of birth.
The post 185,000 Likely Impacted by 7-Eleven Data Breach appeared first on SecurityWeek.
Notable integrations include CrowdStrike, Palo Alto Networks, Microsoft, Okta, Zscaler, Netskope, Cloudflare, Fortinet, and Wiz.
The post Anthropic Expands Claude’s Enterprise Security Governance With 28 New Integrations appeared first on SecurityWeek.
Hardcoded machineKey values in a configuration file enabled ViewState deserialization attacks leading to remote code execution.
The post Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment appeared first on SecurityWeek.
Register to enjoy free access and explore the tools, strategies, and frameworks needed to build a resilient security program for a world where every minute counts.
The post Watch on Demand: Threat Detection & Incident Response Summit – All Sessions Available appeared first on SecurityWeek.
Impostazioni privacy
Questo sito utilizza i cookie per migliorare la tua esperienza di navigazione su questo sito.
