Anatomy of a Modern Threat: Deconstructing the Figma MCP Vulnerability
Threat researchers recently disclosed a severe vulnerability in a Figma Model Context Protocol (MCP) server, as reported by The Hacker...
Blog
From HealthKick to GOVERSHELL: The Evolution of UTA0388’s Espionage Malware
Oct 09, 2025Ravie LakshmananCyber Espionage / Artificial Intelligence A China-aligned threat actor codenamed UTA0388 has been attributed to a series...
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
Oct 09, 2025Ravie LakshmananMobile Security / Malware A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia...
Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks
Oct 09, 2025Ravie LakshmananCloud Security / Network Security SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup...
ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More
Oct 09, 2025Ravie LakshmananCybersecurity / Hacking News Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven...
RondoDox: From Targeting Pwn2Own Vulnerabilities to Shotgunning Exploits
RondoDox: From Targeting Pwn2Own Vulnerabilities to Shotgunning Exploits | Trend Micro (US) Content has been added to your Folio Go...
Weaponized AI Assistants & Credential Thieves
Weaponized AI Assistants & Credential Thieves | Trend Micro (US) Content has been added to your Folio Go to Folio...
USENIX 2025: PEPR ’25 – Breaking Barriers, Not Privacy: Real-World Split Learning Across Healthcare Systems
Creator, Author and Presenter: Sravan Kumar Elineni Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference...
CVE-2025-61882 Explained: The Oracle Zero-Day Breach That Hit Enterprises Hard
A critical zero-day vulnerability in Oracle E-Business Suite (EBS) was exploited by the Cl0p ransomware group in mid-2025. The flaw,...
Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users
Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users Pierluigi Paganini October 09, 2025 All SonicWall Cloud Backup...
Discord denies massive breach, confirms limited exposure of 70K ID photos
Discord denies massive breach, confirms limited exposure of 70K ID photos Pierluigi Paganini October 09, 2025 Discord won’t pay threat...
SquareX Shows AI Browsers Fall Prey to OAuth Attacks, Malware Downloads and Malicious Link Distribution
Palo Alto, California, October 9th, 2025, CyberNewsWire As AI Browsers rapidly gain adoption across enterprises, SquareX has released critical security...
Lightship Security and the OpenSSL Corporation Submit OpenSSL 3.5.4 for FIPS 140-3 Validation
Newark, United States, October 9th, 2025, CyberNewsWire Lightship Security, an Applus+ Laboratories company and accredited cryptographic security test laboratory, and...
Terraform Secrets Management Best Practices: Secret Managers and Ephemeral Resources
TL;DR: Use a secrets manager and variables—never hardcode secrets. Mark outputs sensitive and store state remotely with encryption and strict...
Visionary: 2025 Gartner® Magic Quadrant™ for Application Security Testing
We’re proud to share that Gartner has once again recognized Contrast Security as a Visionary in the 2025 Magic Quadrant...