Security news.
Today's security landscape is dominated by critical infrastructure threats, major platform breaches, and a growing crisis in vulnerability management. Vercel's breach tied to compromised third-party AI tools, active exploitation of Microsoft Defender zero-days, and design flaws in Anthropic's Model Context Protocol pose immediate risks to developers and enterprises alike.
Anthropic MCP Design Flaw Enables RCE, Threatens AI Supply Chain
Researchers discovered a critical "by design" weakness in the Model Context Protocol that allows arbitrary command execution on vulnerable MCP implementations, potentially compromising the entire AI supply chain.
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Threat actors are exploiting BlueHammer, RedSun, and UnDefend vulnerabilities in Microsoft Defender to gain elevated privileges; two remain unpatched as of this report.
Next.js Creator Vercel Breached; ShinyHunters Claims $2M Data Sale
Vercel confirmed a security incident after attackers claimed to have breached its systems and offered stolen data for $2 million; the breach stemmed from the compromise of Context.ai, a third-party AI tool used by an employee.
Hackers Abuse QEMU Emulator for Defense Evasion in Ransomware Campaigns
Payouts King ransomware and other threats are exploiting QEMU virtual machines as reverse SSH backdoors to bypass endpoint security and run hidden operations on compromised systems.
Pro-Iran Hacker Group Launches 24-Hour DDoS Attack on Bluesky
A sophisticated distributed denial-of-service attack, claimed by a pro-Iran threat actor, disrupted the social media platform for approximately 24 hours.
British Scattered Spider Hacker Tyler Buchanan Pleads Guilty to Multiple Breaches
Tyler Buchanan admitted in court to hacking companies, committing fraud, and stealing cryptocurrency from multiple victims in connection with the Scattered Spider threat group.
Half of 6 Million Internet-Facing FTP Servers Lack Encryption
Continued reliance on the unencrypted FTP protocol exposes millions of enterprises and users to credential theft and man-in-the-middle attacks.
ZionSiphon Malware Targets Israeli Water and Desalination Infrastructure
Darktrace identified new malware specifically designed to target Israeli water treatment and desalination systems, capable of establishing persistence and scanning for operational technology services.