Researchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and Defense
As the field of artificial intelligence (AI) continues to evolve at a rapid pace, new research has found how techniques...
Month: May 2025
BSidesLV24 – Ground Truth – Looking For Smoke Signals In Financial Statements, For Cyber
Author/Presenter: Brandon Pinzon Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from...
-Apr-29-2025-01-33-58-6552-PM.jpeg "Revived CryptoJS library is a crypto stealer in disguise")
Revived CryptoJS library is a crypto stealer in disguise
An illicit npm package called ‘crypto-encrypt-ts‘ may appear to revive the unmaintained but vastly popular CryptoJS library, but what it...
Meet Doug McLaughlin: HYPR’s New SVP of Worldwide Sales
You’ve been at HYPR for six years. Why is now the right time for this expanded role and for HYPR’s...
The Future of Cloud Access Management: How Tenable Cloud Security Redefines Just-in-Time Access
Traditional approaches to cloud access rely on static, permanent permissions that are often overprivileged. Learn how just-in-time access completely changes...
Secrets leaks increase — and expand beyond the codebase
Organizations that assume secrets protection is solely about scanning public repositories and codebases for API keys, passwords, and tokens may...
Indian Court ordered to block email service Proton Mail
Indian Court ordered to block email service Proton Mail Pierluigi Paganini April 30, 2025 Indian Court ordered a nationwide block...
[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats
How Many Gaps Are Hiding in Your Identity System? It’s not just about logins anymore. Today’s attackers don’t need to...
Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool
A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that...
Customer Account Takeovers: The Multi-Billion Dollar Problem You Don’t Know About
Everyone has cybersecurity stories involving family members. Here’s a relatively common one. The conversation usually goes something like this: “The...
RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control
Cybersecurity researchers have revealed that RansomHub's online infrastructure has "inexplicably" gone offline as of April 1, 2025, prompting concerns among...
Earth Kasha Updates TTPs in Latest Campaign Targeting Taiwan and Japan
Conclusion and security recommendations Earth Kasha continues to be an active advanced persistent threat and is now targeting government agencies...
