Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 ...
SecurityWeek

Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure

New research from Cyata reveals that flaws in the servers connecting LLMs to local data via Anthropic’s MCP can be exploited to achieve remote code execution and unauthorized file access. All three ...
The Hacker News

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

A set of three security vulnerabilities has been disclosed in mcp-server-git, the official Git Model Context Protocol (MCP) server maintained by Anthropic, that could be exploited to read or delete ...
VentureBeat

Claude Code just got updated with one of the most-requested user features

Anthropic's open source standard, the Model Context Protocol (MCP), released in late 2024, allows users to connect AI models and the agents atop them to external tools in a structured, reliable format ...
InfoWorld

PythoC: A new way to generate C code from Python

PythoC lets you use Python as a C code generator, but with more features and flexibility than Cython provides. Here’s a first look at the new C code generator for Python. Python and C share more than ...
Bleeping Computer

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
GitHub

cisco-ai-defense/mcp-scanner

The MCP Scanner provides a comprehensive solution for scanning MCP servers and tools for security findings. It leverages three powerful scanning engines (Yara, LLM-as-judge, Cisco AI Defense) that can ...
CSOonline

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser — and potentially leverage the IDE’s privileges to perform system tasks.
Microsoft

Evolving the Dynamics 365 ERP Model Context Protocol (MCP) Server

At Microsoft Build 2025, the Dynamics 365 ERP Model Context Protocol (MCP) server was introduced as a foundational step in connecting AI and enterprise resource planning (ERP) systems through a shared ...
Visual Studio Magazine

Azure MCP Server 1.0 Ushers in Agentic Cloud Automation

Microsoft announced the stable release of Azure MCP Server 1.0.0, describing it as the start of a new phase for cloud automation and AI-driven development. The open-source implementation of the Model ...
Bleeping Computer

Critical WSUS flaw in Windows Server now exploited in attacks

Attackers are now exploiting a critical-severity Windows Server Update Services (WSUS) vulnerability, which already has publicly available proof-of-concept exploit code. Tracked as CVE-2025-59287, ...
The Hacker News

Severe Framelink Figma MCP Vulnerability Lets Hackers Execute Code Remotely

Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp Model Context Protocol (MCP) server that could allow attackers to achieve code ...