Figma MCP Server Opens Orgs to Agentic AI Compromise – Dark Reading
Patch now: A bug (CVE-2025-53967) in the popular Web design tool’s option for talking to agentic AI can lead to remote code execution (RCE). – Read More
Computer mice can eavesdrop on private conversations, researchers discover – CSO Online
High-end computer mice can be used to eavesdrop on the voice conversations of nearby PC users, researchers from the University of California, Irvine, have shown in a new proof-of-concept demonstration.…
Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks – The Hacker News
Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy sites. “Site visitors get injected…
China-Nexus Actors Weaponize ‘Nezha’ Open Source Tool – Dark Reading
A threat actor is putting a spin on classic remote monitoring and management (RMM) attacks, using a Chinese open source tool instead. – Read More
Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave – The Hacker News
Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it to deliver a known malware called Gh0st RAT…
Calling All Influencers: Spear-Phishers Dangle Tesla, Red Bull Jobs – Dark Reading
Wanna work for a hot brand? Cyberattackers continue to evolve lures for job seekers in an impersonation campaign aimed at stealing resumes from social media pros. – Read More
Open-source monitor turns into an off-the-shelf attack beacon – CSO Online
China-affiliated hackers have quietly turned a once-benign open-source network monitoring tool into a remote access beacon. According to new findings from cybersecurity firm Huntress, the attackers used log poisoning and…
LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem – The Hacker News
Three prominent ransomware groups DragonForce, LockBit, and Qilin have announced a new strategic ransomware alliance, once underscoring continued shifts in the cyber threat landscape. The coalition is seen as an…
Salesforce AI agents set to assist enterprises with security and compliance – CSO Online
Salesforce has announced two new AI agents operating on its Agentforce platform: one agent that monitors activity, detects anomalies, and accelerates investigations and remediations in the Salesforce Security Center; and…
Step Into the Password Graveyard… If You Dare (and Join the Live Session) – The Hacker News
Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don’t need advanced tools; they just need one careless login.…
Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now – The Hacker News
Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp Model Context Protocol (MCP) server that could allow attackers to achieve code execution. The vulnerability, tracked as…
Tech over cuts: How UK law firms are investing in efficiency, not redundancy – Legal Futures
Rising operational costs, growing client expectations for value and transparency, and economic uncertainty have left many firms questioning how best to adapt. The post Tech over cuts: How UK law…
Kevin Smith’s story: Customising Hoowla Case Management Software for vehicle damage claims – Legal Futures
As a freelance solicitor specialising in vehicle damage claims, Kevin Smith knew that efficiency was going to either make or break his practice. The post Kevin Smith’s story: Customising Hoowla…
Ban for ex-Walker Morris PA who kept colleague’s wedding gift money – Legal Cheek
£250 A former personal assistant at Walker Morris has been barred from the legal profession after keeping staff donations intended to fund a colleague’s honeymoon. The Solicitors Regulation Authority (SRA)…
Barrister reprimanded over sweary comments towards probation staff – Legal Cheek
Effing and blinding A barrister has been reprimanded by a bar disciplinary tribunal after making inappropriate comments to probation staff in a case where he had been instructed by the…