-
An ongoing supply chain attack has compromised multiple npm packages published by CrowdStrike, extending a malicious campaign known as the “Shai-Halud attack.” The incident, which involves the same malware previously used to target the popular tinycolor package, highlights the persistent threat of supply chain vulnerabilities within the open-source ecosystem. The npm registry acted swiftly to […] The post CrowdStrike npm Packages Compromised in Ongoing Supply Chain Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In recent months, threat actors have begun exploiting the Model Context Protocol (MCP)—a universal “plug-in bus” designed to streamline AI-assistant integrations—as a novel supply chain attack vector. MCP servers allow AI assistants and development tools to translate natural-language requests into executable commands, but this convenience comes at a steep price: unvetted MCP servers can run […] The post Threat Actors Can Weaponize MCP Servers To Harvests Sensitive Data appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
As more companies move their critical systems and data to Amazon Web Services (AWS), attackers are finding new ways to stay hidden inside cloud environments. AWSDoor is a tool designed to simplify and automate persistence techniques in AWS. Persistence…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in the Case Theme User plugin for WordPress allows unauthenticated attackers to hijack any account on vulnerable sites, including administrative accounts, by exploiting the social login feature. Site owners are urged to update …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apple has released visionOS 26, addressing eighteen security flaws that could allow unauthorized access to sensitive user data. The update, issued on September 15, 2025, covers a wide range of components in the Apple Vision Pro platform. Apple’s …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Attackers are increasingly leveraging sophisticated techniques to maintain long-term access in cloud environments, and a newly surfaced tool named AWSDoor is emerging as a major threat. AWSDoor automates a range of IAM and resource-based persistence methods, allowing adversaries to hide in plain sight within AWS accounts without deploying traditional malware. Key Takeaways1. AWSDoor exploits IAM […] The post AWSDoor – New Persistence Technique Allows Attackers to Hide Malware Within AWS Cloud Environment appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In today’s complex digital landscape, the volume and sophistication of cyber threats have outpaced the ability of most organizations to manage their security on their own. The escalating costs of in-house security teams, the global cybersecurity …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Unvetted Model Context Protocol (MCP) servers introduce a stealthy supply chain attack vector, enabling adversaries to harvest credentials, configuration files, and other secrets without deploying traditional malware. The Model Context Protocol (MCP)—t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Active since 2011, SmokeLoader (also known as Smoke or Dofoil) has cemented its reputation as a versatile malware loader engineered to deliver second-stage payloads, including trojans, ransomware, and information stealers. Over the years, it has evolve…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Two critical vulnerabilities, CVE-2025-41248 and CVE-2025-41249, have emerged in Spring Security and Spring Framework that could allow attackers to bypass authorization controls in enterprise applications. These flaws arise when using Spring Security’s @EnableMethodSecurity feature in conjunction with method-level annotations such as @PreAuthorize and @PostAuthorize. In applications where service interfaces or abstract base classes employ unbounded […] The post Spring Framework Security Flaws Enable Authorization Bypass and Annotation Detection Issues appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
