Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation. "By restricting administrative access, implementing multi-factor authentication, enforcing strict transport security

The Hacker News
Open in Source
#vulnerability#web#windows#google#microsoft#cisco#redis#intel#rce#auth#ssl#The Hacker News
A New Security Layer for macOS Takes Aim at Admin Errors Before Hackers Do

A design firm is editing a new campaign video on a MacBook Pro. The creative director opens a collaboration app that quietly requests microphone and camera permissions. MacOS is supposed to flag that, but in this case, the checks are loose. The app gets access anyway. On another Mac in the same office, file sharing is enabled through an old protocol called SMB version one. It’s fast and

Akira Ransomware Claims It Stole 23GB from Apache OpenOffice

The Akira ransomware group claims to have stolen 23GB of data from Apache OpenOffice, including employee and financial records, though the breach remains unverified.

LotL Attack Hides Malware in Windows Native AI Stack

Security programs trust AI data files, but they shouldn't: they can conceal malware more stealthily than most file types.

Trick, treat, repeat

Thor gets into the Halloween spirit, sharing new CVE trends, a “treat” for European Windows 10 users, and a reminder that patching is your best defense against zombie vulnerabilities.

NASA’s Quiet Supersonic Jet Takes Flight

The X-59 successfully completed its inaugural flight—a step toward developing quieter supersonic jets that could one day fly customers more than twice as fast as commercial airliners.

Russian Hackers Exploit Adaptix Pentesting Tool in Ransomware Attacks

Silent Push wars of Russian hackers exploiting Adaptix, a pentesting tool built for Windows, Linux, and macOS, in ransomware campaigns.

Dynamic binary instrumentation (DBI) with DynamoRio

Learn how to build your own dynamic binary instrumentation (DBI) tool with open-source DynamoRIO to enable malware analysis, security auditing, reverse engineering, and more.

GHSA-rj5c-58rq-j5g5: FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name

### Summary A command-injection vulnerability lets any attacker who can influence the server_name field of an MCP execute arbitrary OS commands on Windows hosts that run fastmcp install cursor ### Details 1. generate_cursor_deeplink(server_name, …) embeds server_name verbatim in a cursor://…?name= query string. 2. open_deeplink() is invoked with shell=True only on Windows. That calls cmd.exe /c start <deeplink>. 3. Any cmd metacharacter inside server_name (&, |, >, ^, …) escapes the start command and spawns an attacker-chosen process. ### PoC server.py ``` import random from fastmcp import FastMCP mcp = FastMCP(name="test&calc") @mcp.tool def roll_dice(n_dice: int) -> list[int]: """Roll `n_dice` 6-sided dice and return the results.""" return [random.randint(1, 6) for _ in range(n_dice)] if __name__ == "__main__": mcp.run() ``` then run in the terminal: `fastmcp install cursor server.py` ### Impact OS Command / Shell Injection (CWE-78) Every Windows host that runs f...