Aggregator
New QUIC-LEAK Vulnerability Let Attackers Exhaust Server Memory and Trigger DoS Attack
A critical pre-handshake vulnerability in the LSQUIC QUIC implementation allows remote attackers to crash servers through memory exhaustion attacks. The vulnerability, designated CVE-2025-54939 and dubbed “QUIC-LEAK,” affects the second most widely used QUIC implementation globally, potentially impacting over 34% of HTTP/3-enabled websites that rely on LiteSpeed technologies. Key Takeaways: 1. CVE-2025-54939 allows remote DoS via […]
The post New QUIC-LEAK Vulnerability Let Attackers Exhaust Server Memory and Trigger DoS Attack appeared first on Cyber Security News.
DARPA: Closing the Open Source Security Gap With AI
Stop LLM Attacks: How Security Helps AI Apps Achieve Their ROI
Oregon Man Charged in Rapper Bot DDoS-for-Hire Case
Scattered Spider affiliate given 10 year sentence, ordered to pay $13 million in restitution
Microsoft 365 Adds New Feature for Admins to Manage Link Creation Policies
Microsoft announced on August 20, 2025, a significant enhancement to its Microsoft 365 administrative capabilities with the introduction of new tenant-level controls for managing org-wide sharing links for user-built Copilot agents. This feature, scheduled for general availability in mid-September 2025, represents a critical step forward in enterprise governance for AI-powered collaboration tools. Enhanced Administrative Control […]
The post Microsoft 365 Adds New Feature for Admins to Manage Link Creation Policies appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Define Protocol from Traffic (XenoRAT)
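Projects That Passed Preliminary Review for the 2024 Fujian Province Science and Technology Awards (Cyberspace Security Field)
Projects Accepted for the 2024 Anhui Province Science and Technology Awards (Cyberspace Security Field)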
Russian Hackers Exploit 7-Year-Old Cisco Flaw to Steal Industrial System Configs
Static Tundra, a Russian state-sponsored threat actor connected to the FSB’s Center 16 unit, has been responsible for a sustained cyber espionage effort, according to information released by Cisco Talos. Operating for over a decade, this group specializes in compromising network devices to facilitate long-term intelligence gathering, with a focus on extracting configuration data from […]
The post Russian Hackers Exploit 7-Year-Old Cisco Flaw to Steal Industrial System Configs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
The Guowang Satellite Constellation May Be More Than Just a Chinese Version of Starlink
The Browser Buys an Apple Watch on Its Own and Leaks Your Passwords. But Go On Trusting AI
Threat Actors Weaponize PDF Editor With New Trojan to Turn Device Into Proxy
Cybersecurity researchers have uncovered a sophisticated new threat campaign that leverages a seemingly legitimate PDF editor application to transform infected devices into residential proxies. The malicious software, distributed under the guise of productivity tools, represents an evolving approach by threat actors who are increasingly exploiting trusted software categories to establish persistent network access and monetize […]
The post Threat Actors Weaponize PDF Editor With New Trojan to Turn Device Into Proxy appeared first on Cyber Security News.
Kali Vagrant Rebuilt Released – Pre-configured DebOS VMs via Command Line
The Kali Linux team has announced a significant enhancement of its Vagrant image build process, streamlining development and simplifying deployment for users. In a move to unify its infrastructure, the team has transitioned from HashiCorp’s Packer to DebOS for generating its pre-configured Vagrant virtual machines. The release also includes a handy cheat sheet to get […]
The post Kali Vagrant Rebuilt Released – Pre-configured DebOS VMs via Command Line appeared first on Cyber Security News.
GPT-5 Passed a Spatial Reasoning Test. The Result Surprised Even the Scientists
7 Phishing Email Examples (And How To Spot Them)
Cybercriminals commonly target K-12 schools. To trick staff, students, and even parents into disclosing sensitive information, malicious attackers deploy phishing attacks. Training individuals on how to spot phishing emails is a key guardrail and can prevent significant financial, operational, and regulatory repercussions. Read on as we unpack seven common phishing email examples and the steps ...
The post 7 Phishing Email Examples (And How To Spot Them) appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12.
The post 7 Phishing Email Examples (And How To Spot Them) appeared first on Security Boulevard.
FBI warns of Russian hackers exploiting 7-year-old Cisco flaw
A Fun Challenge of Finding a Book
Why AI Agents and MCP Servers Just Became a CISO’s Most Urgent Priority
Over the last year, I’ve spent countless hours with CISOs, CTOs, and security architects talking about a new wave of technology that’s changing the game faster than anything we’ve seen before: Agentic AI and Model Context Protocol (MCP) servers.
If you think AI is still in the “cool demos and pilot projects” stage, think again. We’re already seeing autonomous agents reasoning, remembering, and taking actions in live production environments. MCP servers are quietly becoming the central nervous system for these agents, brokering instructions, accessing tools, and orchestrating API calls across your systems.
This is no longer an “emerging tech” conversation. It’s a real risk surface conversation. And it’s all powered by APIs.
Why APIs Are Now the Front Line
Every AI agent and MCP server interaction runs on APIs. Those APIs pull data from customer records, update transaction systems, initiate workflows, and often do so without a human in the loop.
Here’s the problem:
- Most current security tooling, like WAFs, API gateways, CDNs, and LLM security wrappers, can’t see all of this API traffic.
- The API calls between an MCP server and your internal or third-party data sources often happen deep inside your environment, bypassing the “edge” where traditional tools sit.
- Many of these APIs are new, undocumented, or dynamic, created on the fly as agents take new actions.
Without real-time visibility into this API fabric, you’re blind to:
- What data agents are accessing
- Whether they’re staying within policy
- If an attacker has hijacked an agent or exploited an API to breach your system
For CISOs, this is a perfect storm: a technology that’s moving faster than your governance frameworks, with attack surfaces multiplying overnight, all in a domain (APIs) where most organizations already struggle to get full visibility.
The “just secure the AI model” approach doesn’t work here. The model isn’t the thing taking actions; the APIs are. If you don’t secure them, you don’t secure the AI. Period.
The 5 Questions Every CISO Should Be Asking Right Now
When I meet with CISOs today, these are the five questions I tell them to put on the table immediately:
- Do we have an accurate, up-to-date inventory of every API our AI agents and MCP servers are using? If you don’t know what you have, you can’t protect it.
- Can we see API traffic between our MCP servers, AI agents, and all internal/third-party data sources in real time? Edge-only visibility isn’t enough. You need to see the whole API fabric.
- Are our governance and policy controls applied at the API level for AI-driven actions? An AI agent can violate policy just as easily as a human, maybe faster.
- Do we have threat detection tuned for AI-driven API attacks and abuse patterns? This is not “just another OWASP Top 10” problem. Agentic AI creates new classes of attacks.
- How fast can we identify and stop a rogue agent or compromised MCP server before it impacts data or systems? Containment speed is everything once something goes wrong.
At Salt, we’ve been securing APIs since before “API security” was even a market category. Our platform gives you:
- Complete visibility into all API traffic, including the traffic no other tool sees between MCP servers, AI agents, and data sources.
- Continuous discovery so you’re never blindsided by a new or shadow API.
- Real-time threat detection and blocking built for modern API abuse patterns, including those driven by AI agents.
- Governance at scale, so your policies follow the API, no matter how dynamic your environment gets.
If Agentic AI is your new competitive advantage, API security is your new survival strategy. You can’t slow the technology down, but you can be ready for it.
Final Thought
Agentic AI and MCP servers are reshaping the attack surface, whether we like it or not. The organizations that thrive in this new reality will be the ones that treat API security as core infrastructure and not an afterthought. If you’re not already asking the five questions above, now is the time to start.
If your team is exploring agentic AI and wants to talk about securing the foundation it runs on, let’s connect. Request a demo now, and I’ll have one of our AI security experts reach out to you directly.
Also, we are hosting a webinar on August 28 to explore these topics in more depth. You can register for the webinar here.
The post Why AI Agents and MCP Servers Just Became a CISO’s Most Urgent Priority appeared first on Security Boulevard.