Hackers Exploit Claude Code MCP Traffic to Hijack OAuth Authentication Tokens
Threat researchers have uncovered a novel man-in-the-middle (MitM) attack chain targeting Anthropic’s Claude Code ecosystem, where adversaries hijack Model C...
Technology
20 articles
Enterprise Spotlight: Rethinking cloud strategy in the age of AI
Cloud computing has reached a crossroads. The high cost and data sensitivity of AI workloads are raising the appeal of private clouds, even as neoclouds and ...
JupiterOne launches continuous controls monitoring for security and compliance
JupiterOne Inc. has launched JupiterOne Continuous Controls Monitoring (CCM), a new product designed to test the effectiveness of security and compliance con...
Secure multi-tenant AI agents with Amazon Bedrock AgentCore resource-based policies
Software as a service (SaaS) providers building AI-powered applications on Amazon Bedrock AgentCore often need to serve multiple tenants with distinct securi...
Wireless Attacks on AI Data Centers: The Hidden Threat No One Is Watching - WC #1
AppOmni’s Marlin AI automates SaaS threat analysis, triage, and remediation at scale
AppOmni has launched Marlin AI to transform how enterprise organizations defend complex SaaS applications. Marlin AI delivers autonomous AI-powered SaaS secu...
AppOmni launches Marlin AI for autonomous SaaS security alert investigation
Marlin AI operates within the AppOmni platform, continuously analyzing security indicators across business-critical applications.
AppOmni’s Marlin AI Brings Autonomous Investigation to SaaS Security
Marlin AI automatically analyzes SaaS misconfigurations, investigates related activity across enterprise environments, and recommends remediation steps — whi...
Trend Micro warns of Apex One zero-day exploited in the wild
Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks targeting Windows systems. [.
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to deliver mali...
Cybercrime service disrupted for abusing Microsoft platform to sign malware
Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company's Artifact Signing service to generate fraudulent co...
What to Look for When Choosing an ASPM Platform
Application security posture management (ASPM) has become a foundational capability for software-as-a-service (SaaS) and software companies building increasi...
The Canvas breach proved that prevention is no longer enough
Cybercriminals brought down the most widely used learning platform in North America. The Canvas breach is a blueprint for how SaaS attacks now work — and a w...
Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: Foundations of Cybersecurity, 2nd edition Jason And...
Exchange Server zero-day vulnerability can be triggered by opening a malicious email
A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to think about the need to abandon ...
Enhancing Data Center Security Without Sacrificing Performance
For AI data centers, where the stakes are the highest and performance constraints are the tightest, security and performance are no longer a zero-sum game. T...
Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking
Mitiga researchers say attackers can silently redirect Claude Code MCP traffic, intercept OAuth tokens, and maintain persistent access to connected SaaS plat...
Threat Activity Enablers: The Backbone of Today’s Threat Landscape
Behind every ransomware demand, botnet, or threat activity group is a server sitting in a data center.
The Dangerous Momentum of Autodownload Phishing
Learn how attackers weaponize SaaS auto-download links and rotating phishing lures to deliver RMM malware. See how Cortex Email Security stops this forced-mo...
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
Cybersecurity researchers are warning of two cybercrime groups that are carrying out "rapid, high-impact attacks" operating almost within the confines of Saa...