Microsoft

From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...

JDownloader site hacked to replace installers with Python RAT malware

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...
Tech Times

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...
CSO Online

ClickFix finds a backup plan in PySoxy proxy chains

ReliaQuest observed attackers pairing ClickFix with the PySoxy proxy tool to establish redundant encrypted access paths and ...

Your AI agents need a terminal, not just a vector database

DCI lets AI agents search raw files with grep and bash instead of embeddings — boosting accuracy 11 points and cutting ...
Infosecurity Magazine

Attackers Combine ClickFix With PySoxy Proxying to Maintain Persistence

Exploitation of open-source tools allows attackers to maintain persistent access after initial social engineering, warn ...
InfoWorld

Anthropic acquires Stainless to strengthen Claude’s developer tooling

The deal gives Anthropic tighter control over how developers connect Claude to software and business systems as AI vendors ...

200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's how to audit your deployments.
SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

BlueRock Open Sources MCP Python Hooks for Real-Time MCP Server Visibility

BlueRock today announced the open source release of BlueRock MCP Python Hooks, a lightweight runtime observability tool for Python. It captures MCP server activity by inspecting the protocol, ...
Computer Weekly

BlueRock open sources MCP Python Hooks

As adoption of MCP servers accelerates into the tens of thousands, developers and platform teams are increasingly responsible ...

Microsoft Self-Service Password Reset abused in Azure data theft attacks

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...