Google: Brickstorm malware used to steal U.S. orgs' data for over a year

Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S.
SecurityWeek

Salesforce AI Hack Enabled CRM Data Theft

Prompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak.
Hackaday

This Week In Security: Randomness Is Hard, SNMP Shouldn’t Be Public, And GitHub Malware Delivery

Randomness is hard. To be precise, without dedicated hardware, randomness is impossible for a computer. This is actually ...

CISA says hackers breached federal agency using GeoServer exploit

CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last ...
SecurityWeek

Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited

New report outlines the Top 25 MCP vulnerabilities and how attackers could exploit AI agents, plus strategies for defense.
The Hacker News

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery ...
Techno-Science.net on MSN

🚨 Your wallpaper can hack your computer: here's how

The images we see every day on our screens could hide dangers for our computers. A recent study reveals that artificial intelligence agents, these personal assistants capable of performing ...