Nearly 2,000 MCP Servers Possess No Security Whatsoever darkreadingNate Nelson, Contributing Writer
July 18, 2025

Authentication in MCP — the backbone of agentic AI — is optional, and nobody's implementing it. Instead, they're allowing any passing attackers full control of their servers. Authentication in MCP — …


3 Ways Security Teams Can Minimize Agentic AI Chaos darkreadingJosh Lemos
July 18, 2025

Security often lags behind innovation. The path forward requires striking a balance. Security often lags behind innovation. The path forward requires striking a balance.  ​Read More


Firmware Vulnerabilities Continue to Plague Supply Chain darkreadingRobert Lemos, Contributing Writer
July 18, 2025

Four flaws in the basic software for Gigabyte motherboards could allow persistent implants, underscoring problems in the ways firmware is developed and updated. Four flaws in the basic software for Gigabyte …


CISA Adds One Known Exploited Vulnerability to Catalog AlertsCISA
July 18, 2025

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-25257 Fortinet FortiWeb SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors …


CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign The Hacker [email protected] (The Hacker News)
July 18, 2025

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a phishing campaign that's designed to deliver a malware codenamed LAMEHUG. "An obvious feature of LAMEHUG is the use …


Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices The Hacker [email protected] (The Hacker News)
July 18, 2025

Google on Thursday revealed it's pursuing legal action in New York federal court against 25 unnamed individuals or entities in China for allegedly operating BADBOX 2.0 botnet and residential proxy …


Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services The Hacker [email protected] (The Hacker News)
July 18, 2025

Cybersecurity researchers have disclosed a critical container escape vulnerability in the NVIDIA Container Toolkit that could pose a severe threat to managed AI cloud services. The vulnerability, tracked as CVE-2025-23266, carries …


From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware The Hacker [email protected] (The Hacker News)
July 18, 2025

With IT outages and disruptions escalating, IT teams are shifting their focus beyond simply backing up data to maintaining operations during an incident. One of the key drivers behind this …


Veeam Phishing via Wav File, (Fri, Jul 18th) SANS Internet Storm Center, InfoCON: green
July 18, 2025

A interesting phishing attempt was reported by a contact. It started with a simple email that looked like a voice mail notification like many VoIP systems deliver when the call …


ISC Stormcast For Friday, July 18th, 2025 https://isc.sans.edu/podcastdetail/9532, (Fri, Jul 18th) SANS Internet Storm Center, InfoCON: green
July 17, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More