Critical Risk: BADCANDY Re-Infection on Unpatched IOS XE
BADCANDY continues to compromise exposed Cisco IOS XE devices via CVE-2023-20198. Close the web UI exposure, patch now, rotate credentials, and verify eradication.
Read More
Claude Desktop Extensions Vulnerable to Command Injection
Researchers documented CVSS 8.9 command injection in three official Claude Desktop extensions Chrome, iMessage, and Apple Notes. Because those connectors built AppleScript commands with unescaped user input, prompt injection could pivot from web content to local shell execution on macOS. Anthropic patched the issues. This analysis explains the exploit chain, the fixes, and the validation steps security teams should run to keep MCP servers safe.
Russia Adds 24-Hour SIM Cooling-Off After Roaming
Russia introduced a 24-hour SIM cooling-off period after roaming or 72 hours of inactivity. Consequently, data and SMS pause while operators run anti-abuse checks, verify identity, and restore access in stages.
Microsoft Outlook Disables Inline SVG Support Amid Security Risks
Microsoft Outlook has disabled inline SVG image rendering after attackers exploited the feature in phishing campaigns, marking another step in tightening email security.
BitLocker Encryption Bypassed: TPM SPI Attack on PIN Method
A breakthrough hardware-based technique intercepts TPM communications over the SPI bus to unlock BitLocker volumes protected by TPM + PIN. This article analyses the method and its implications for enterprise encryption strategies.
Salesforce Customers Targeted by Data-Theft Extortion Campaign
Hackers exploited OAuth tokens in third-party Salesforce integrations, stealing CRM data and extorting affected customers. Salesforce urges clients to rotate credentials.
How Zombie APIs Resurface and Expand Attack Paths
Abandoned apps, APIs, and identities keep resurfacing. Hunt them continuously, retire them completely, and verify they stay dead—before attackers exploit them.
Cisco Firewall Vulnerability CVE-20333 Allows RCE — Update Now
A 0-day buffer overflow vulnerability in Cisco ASA and FTD devices, exploitable via WebVPN, allows unauthenticated remote code execution. Cisco has released patches and issued guidance for mitigation.
Cloaking for AI: Detecting Poisoned Pages Before They Spread
AI-targeted cloaking feeds AI agents a different web than humans see. Learn the risks, detection tactics, and governance steps to keep answers trustworthy.
ChatGPT Data Leaks: Seven New Prompt Injection Paths and Real
Seven fresh techniques let attackers leak ChatGPT data through everyday workflows: poisoned search, “q=” one-click links, allowlisted ad redirects, conversation injection, markdown hiding, and memory poisoning. Because exposure rides on normal browsing and memory behavior, prevention requires policy plus proof: sanitize URLs, block bing.com/ck/a, disable Saved Memory for high-risk roles, and validate controls continuously with OWASP LLM Top 10 and MITRE ATLAS as your benchmarks.