Latest News
Scammers are exploiting Microsoft 365 Direct Send to spoof internal emails targeting US firms bypassing security filters with…
Despite years of investment in Zero Trust, SSE, and endpoint protection, many enterprises are still leaving one critical layer exposed: the browser. It’s where 85% of modern work now happens. It’s also where copy/paste actions, unsanctioned GenAI usage, rogue extensions, and personal devices create a risk surface that most security stacks weren’t designed to handle. For security leaders who know
Facebook's pursuit of your personal data continues, and now it has a new target: photos on your phone that you haven't shared with it yet.
Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.
Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists in the wild. The zero-day vulnerability, tracked as CVE-2025-6554 (CVSS score: N/A), has been described as a type confusing flaw in the V8 JavaScript and WebAssembly engine. "Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary
The U.S. Department of Justice (DoJ) on Monday announced sweeping actions targeting the North Korean information technology (IT) worker scheme, leading to the arrest of one individual and the seizure of 29 financial accounts, 21 fraudulent websites, and nearly 200 computers. The coordinated action saw searches of 21 known or suspected "laptop farms" across 14 states in the U.S. that were put to
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
Microsoft has said that it's ending support for passwords in its Authenticator app starting August 1, 2025. The changes, the company said, are part of its efforts to streamline autofill in the two-factor authentication (2FA) app. "Starting July 2025, the autofill feature in Authenticator will stop working, and from August 2025, passwords will no longer be accessible in Authenticator," Microsoft
Model Context Protocol (MCP) is a powerful protocol from Anthropic that defines how to connect large language models (LLMs) to external tools. It has quickly gained traction due to its ease of use and the benefits it adds in our use of AI. In this article we'll cover some of the potential security risks you'll encounter with MCP and how you can approach mitigating them.How MCP worksMCP does not directly connect LLMs with tools. The MCP client component accesses the LLM, and the MCP server component accesses the tools. One MCP client has access to one or more MCP servers. Users may connect any
Microsoft has called the hacker collective one of the most dangerous current cyber threats.