InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...
Microsoft

Making opportunistic cyberattacks harder by design

How Microsoft secures Dynamics 365 and Power Platform by removing credentials, reducing attack surfaces, and using platform ...

Trigona ransomware attacks use custom exfiltration tool to steal data

Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised ...

The MCP Disclosure Is the AI Era’s ‘Open Redirect’ Moment

The MCP flaw reveals a systemic AI security gap, exposing enterprise systems to supply chain attacks and forcing a shift ...