Security Boulevard

Malicious MCP Server Found Quietly Stealing Emails

A popular MCP server in the NPM repository that was being downloaded 1,500 times a week suddenly began quietly copying emails and sending them to a C2 server after the developer inserted a line of ...
The Hacker News

New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks

Russian APT COLDRIVER launches ClickFix attacks with BAITSWITCH and SIMPLEFIX malware; BO Team and Bearlyfy target Russia.
Infosecurity Magazine

Phishing Campaign Evolves into PureRAT Deployment, Linked to Vietnamese Threat Actors

The attackers used process hollowing against RegAsm.exe, patched Windows defenses such as AMSI and ETW and unpacked further ...
XDA Developers on MSN

Someone tried to host a web server inside Portal 2, and it actually works

With this, a basic looking web page is born, and is essentially running completely off of a Portal 2 server.
CSO Online

Trust in MCP takes first in-the-wild hit via squatted Postmark connector

In a newly disclosed supply-chain attack, an npm package “postmark-mcp” was weaponized to stealthily exfiltrate emails, ...
Visual Studio Magazine

Elevate SQL Development with VS Code

Microsoft PM Carlos Robles previews his Live! 360 Orlando session on how recent updates to the MSSQL extension—like GitHub ...
SecurityWeek

New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions

An updated variant of the sophisticated XCSSET macOS malware is monitoring the system clipboard to hijack cryptocurrency ...
XDA Developers on MSN

This self-hosted collaborative markdown editor is our family’s new wiki

Discover how HedgeDoc, a free and self-hosted collaborative markdown editor, became the ultimate solution for our family's ...

Cloudflare Gives Creators New Tool to Control Use of Their Content

New Content Signals Policy will empower website owners to declare preferences on how AI companies access and use their ...