Security Boulevard

Arcjet Python SDK Sinks Teeth Into Application-Layer Security

A new Arcjet SDK lets Python teams embed bot protection, rate limiting, and abuse prevention directly into application code.
Dark Reading

Latin American Orgs Lack Confidence in Cyber Defenses, Skills

Cybersecurity professionals in Latin America are least likely to have faith in their countries' preparedness for cyberattacks on critical infrastructure.
The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
Dark Reading

'CrashFix' Scam Crashes Browsers, Delivers Malware

The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a ...

Python libraries used in top AI and ML tools hacked

The bugs have been fixed, so users should patch now, experts warn.
SecurityWeek

‘SolyxImmortal’ Information Stealer Emerges

The Python-based information stealer SolyxImmortal uses legitimate APIs and libraries for stealthy data gathering and ...

Some worrying security flaws were found in Anthropic's official Git MCP

Here's what happened next ...
The Hacker News

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some ...
SecurityWeek

Chainlit Vulnerabilities May Leak Sensitive Information

Vulnerabilities in Chainlit could be exploited without user interaction to exfiltrate environment variables, credentials, ...
CSO Online

CrashFix attack hijacks browser failures to deliver ModelRAT malware via fake Chrome extension

A malicious extension impersonating an ad blocker forces repeated browser crashes before pushing victims to run ...
Security Boulevard

Anthropic, Microsoft MCP Server Flaws Shine a Light on AI Security Risks

Researchers with Cyata and BlueRock uncovered vulnerabilities in MCP servers from Anthropic and Microsoft, feeding ongoing security worries about MCP and other agentic AI tools and their dual natures ...