Unit 42 researchers at Palo Alto Networks exposed serious flaws in the Model Context Protocol (MCP) sampling feature used in AI coding copilots.
Malicious MCP servers can inject prompts to steal compute resources, hijack chats, and run hidden tools without user knowledge.
MCP Basics and...
Polish police have arrested three Ukrainian men traveling through Europe and seized a cache of advanced hacking equipment that could target critical IT systems.
The incident unfolded on December 8, 2025, when officers from Warsaw's Śródmieście district stopped a Toyota on Senatorska Street for...
Owners of hundreds of Porsche cars in Russia cannot drive their vehicles after a significant failure in the factory-installed satellite security system.
This issue began on November 28, 2025. It affected all internal combustion engine (ICE) models in the Rolf dealership network, Russia's biggest...
Google is rolling out a new defense against phone scams on Android devices. Called in-call scam protection, this feature pauses suspicious calls for 30 seconds when users open financial apps during screen sharing.
It targets scammers who pose as banks to trick people into...
AWS SageMaker provides managed Jupyter notebook instances for data science tasks. These instances link to IAM execution roles with broad permissions for storage, compute, and model access.
Attackers need only four key permissions: sagemaker: StopNotebookInstance, sagemaker: CreateNotebookInstanceLifecycleConfig (or update existing), sagemaker: UpdateNotebookInstance, and sagemaker:...
Researchers from BCA LTD, NorthScan, and ANY.RUN trapped North Korean Lazarus Group operatives, linked to the Famous Chollima division, live in controlled sandboxes during an IT worker infiltration plot targeting U.S. finance and crypto firms.
The team posed as a developer to lure the...