Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ...

The MCP Disclosure Is the AI Era’s ‘Open Redirect’ Moment

The MCP flaw reveals a systemic AI security gap, exposing enterprise systems to supply chain attacks and forcing a shift ...
Microsoft

Making opportunistic cyberattacks harder by design

How Microsoft secures Dynamics 365 and Power Platform by removing credentials, reducing attack surfaces, and using platform ...
Tech Xplore

AI 'agent' fever comes with lurking security threats

Artificial intelligence "agents" promise to save users time and energy by automating tasks, but the growing power of systems ...

The hidden risks of vibe coding: 4 steps to protect your organization

You can’t be sure where that AI-generated code came from or what malware it might contain. These 4 steps help mitigate ...
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
DataBreachToday

Breach Roundup: Mr. Raccoon Wants Your Password

This week, a "Raccoon"-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda ...