Figma MCP Server Opens Orgs to Agentic AI Compromise – Dark Reading
Patch now: A bug (CVE-2025-53967) in the popular Web design tool’s option for talking to agentic AI can lead to remote code execution (RCE). – Read More
Cyber
Computer mice can eavesdrop on private conversations, researchers discover – CSO Online
High-end computer mice can be used to eavesdrop on the voice conversations of nearby PC users, researchers from the University of California, Irvine, have shown in a new proof-of-concept demonstration.…
Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks – The Hacker News
Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy sites. “Site visitors get injected…
China-Nexus Actors Weaponize ‘Nezha’ Open Source Tool – Dark Reading
A threat actor is putting a spin on classic remote monitoring and management (RMM) attacks, using a Chinese open source tool instead. – Read More
Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave – The Hacker News
Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it to deliver a known malware called Gh0st RAT…
Calling All Influencers: Spear-Phishers Dangle Tesla, Red Bull Jobs – Dark Reading
Wanna work for a hot brand? Cyberattackers continue to evolve lures for job seekers in an impersonation campaign aimed at stealing resumes from social media pros. – Read More
Open-source monitor turns into an off-the-shelf attack beacon – CSO Online
China-affiliated hackers have quietly turned a once-benign open-source network monitoring tool into a remote access beacon. According to new findings from cybersecurity firm Huntress, the attackers used log poisoning and…
LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem – The Hacker News
Three prominent ransomware groups DragonForce, LockBit, and Qilin have announced a new strategic ransomware alliance, once underscoring continued shifts in the cyber threat landscape. The coalition is seen as an…
Salesforce AI agents set to assist enterprises with security and compliance – CSO Online
Salesforce has announced two new AI agents operating on its Agentforce platform: one agent that monitors activity, detects anomalies, and accelerates investigations and remediations in the Salesforce Security Center; and…
Step Into the Password Graveyard… If You Dare (and Join the Live Session) – The Hacker News
Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don’t need advanced tools; they just need one careless login.…
Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now – The Hacker News
Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp Model Context Protocol (MCP) server that could allow attackers to achieve code execution. The vulnerability, tracked as…
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks – The Hacker News
OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development. This includes a Russian‑language threat actor, who is said…
Autonomous AI hacking and the future of cybersecurity – CSO Online
AI agents are now hacking computers. They’re getting better at all phases of cyberattacks, faster than most of us expected. They can chain together different aspects of a cyber operation,…
Strengthening national cyber resilience through observability and threat hunting – NCSC Blog
How organisations can improve their ability to both detect and discover cyber threats. – Read More
Cyberattack Leads to Beer Shortage as Asahi Recovers – Dark Reading
A ransomware last week left the Asahi brewery in Japan struggling to take orders and deliver its products domestically, as manufacturers become a favored target. – Read More