DataBreachToday

Freight Hacker Wields Code-Signing Service to Evade Defenses

Cargo-stealing hackers have a new trick up their sleeve: using a third-party code-signing service makes their remote ...
Arabian Post

Webhooks turn workflow tools into malware bait

Cyber attackers are abusing the low-code automation platform n8n to push malware and track targets through phishing emails, in a campaign that security researchers say gathered pace between October ...
Arabian Post

Signed adware campaign strips endpoint defences

A digitally signed software operation tied to Dragon Boss Solutions LLC has been linked to the disabling of antivirus protections on more than 23,000 endpoints worldwide, raising concerns that what ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

OpenAI drastically updates Codex desktop app to use all other apps on your computer, generate images, preview webpages

OpenAI is releasing more than 90 new plugins. These connectors—including CircleCI, GitLab, and Microsoft Suite—allow the ...