-
The first-ever malicious Model-Context-Prompt (MCP) server discovered in the wild, a trojanized npm package named postmark-mcp that has been secretly exfiltrating sensitive data from users’ emails. The package, downloaded approximately 1,500 times per week, contained a backdoor that copied every email processed by the tool to a server controlled by the attacker. This incident highlights […] The post First-Ever Malicious MCP Server Found in the Wild Steals Emails via AI Agents appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide. This collaboration, detailed in a new white paper presented at Virus Bulletin 2025, sheds light on th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security teams worldwide have been warned after attackers began exploiting a newly discovered zero-day vulnerability in Cisco Adaptive Security Appliance (ASA) 5500-X Series firewalls. The breach allows hackers to deploy sophisticated malware, dubbed&#…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A novel AI-driven threat leverages LLMs on Hugging Face to execute adaptive reconnaissance and data exfiltration in real time. Rather than relying on static scripts or prewritten payloads, LAMEHUG dynamically queries a Qwen 2.5-Coder-32B-Instruct model…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have discovered an advanced variant of the XCSSET malware specifically targeting macOS developers through infected Xcode projects, introducing sophisticated clipboard hijacking and enhanced data exfiltration capabilities. Micr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors from the Lone None group are exploiting copyright takedown notices to distribute sophisticated malware, including Pure Logs Stealer and a newly identified information stealer dubbed Lone None Stealer (also known as PXA Stealer). This anal…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Steam has officially confirmed that malware was discovered in the popular indie game BlockBlasters. The announcement follows widespread player reports and security scans that flagged unusual activity in the game’s files. This incident raises concerns a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Attackers have stepped up their tactics by deploying stealthy backdoors disguised as legitimate WordPress components, ensuring persistent administrative access even after other malware is discovered and removed. Their deceptive appearances belied their…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a recently observed campaign emerging from Israel, threat actors have revived the use of Windows shortcut (.LNK) files to deliver a potent Remote Access Trojan (RAT). These seemingly innocuous shortcut files exploit Living-off-the-Land Binaries (LOL…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A large-scale campaign targeting Mac users is leveraging fake GitHub pages to distribute information-stealing malware disguised as popular legitimate applications. Among the impersonated software are Malwarebytes for Mac, LastPass, Citibank, SentinelOn…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
