APIs now represent the “dominant” attack surface for global organizations, with 87% registering a related security incident last year, according to Akamai. Now in its 12th year, the security vendor’s latest State of the Internet (SOTI) report was produced from… Read More "Average Number of Daily API Attacks Up 113% Annually"
Unabhängig davon, welche MCP-Server Unternehmen wofür einsetzen – “Unsicherheiten” sollten dabei außenvorbleiben. Gorodenkoff | shutterstock.com Model Context Protocol (MCP) verbindet KI-Agenten mit Datenquellen und erfreut sich im Unternehmensumfeld wachsender Beliebtheit. Allerdings ist auch MCP nicht frei von Sicherheitslücken, wie entsprechende… Read More "Tools, um MCP-Server abzusichern | CSO Online"
Former colleagues and friends remember the cybersecurity researcher, author, and mentor whose work bridged the human and technical sides of security 07 Nov 2025 • , 7 min. read The cybersecurity community lost one of its luminaries with the passing… Read More "In memoriam: David Harley"
Over half (54%) of UK companies were hit by nation state attacks last year as IT leaders grew increasingly fearful of AI-powered threats, according to a new report from Armis. The security vendor’s 2026 Armis Cyberwarfare Report was based on interviews with 1900… Read More "Surge in Nation State Attacks on UK Firms Amid Cyber Warfare Fears"
Identity security and governance startup Linx Security has announced raising $50 million in a Series B funding round that brings the total raised by the company to $83 million. The fresh investment round was led by Insight Partners, with additional… Read More "Linx Security Raises $50 Million for Identity Security and Governance"
Fraudsters often target the accounts of the deceased or their grieving relatives. Here’s how to keep the scammers at bay. 01 Apr 2026 • , 5 min. read Can you imagine all of the things you’ll leave behind when your… Read More "Managing risks to your loved one’s digital estate"
Google has started the rollout of a new Android developer verification system designed to reduce malicious apps and improve platform security, with global enforcement planned in the coming years. The system, outlined by the tech giant in a blog post, requires… Read More "Google Introduces Android Dev Verification Amid Openness Debate"
Does your chatbot know too much? Here’s why you should think twice before you tell your AI companion everything. 17 Nov 2025 • , 4 min. read In the movie “Her” the film’s hero strikes up an ultimately doomed romantic… Read More "What if your romantic AI chatbot can’t keep a secret?"
A method that could enable code execution through manipulated installation links in an AI development environment has been identified by security researchers. The technique, dubbed CursorJack by Proofpoint Threat Research, centres on the abuse of Model Context Protocol (MCP) deeplinks… Read More "CursorJack’ Attack Path Exposes Code Execution Risk in AI Development"
ESET researchers provide insights into how PlushDaemon performs adversary-in-the-middle attacks using a previously undocumented network implant that we have named EdgeStepper, which redirects all DNS queries to an external, malicious hijacking node, effectively rerouting the traffic from legitimate infrastructure used… Read More "PlushDaemon compromises network devices for adversary-in-the-middle attacks"
