Enterprise Security Tech

In what many in the cybersecurity world feared might happen, the global ransomware threat has begun to rev back into gear. According to research from NCC Group , after a sustained slide in attack volume, September saw a 28 % month-on-month increase in ransomware incidents—421 attacks globally, up sharply from lower levels in the preceding months. The Anatomy of the Surge While 421 attacks is still below half a thousand, the increase is significant primarily for what it signal

In the steadily escalating conflict between cyber-defenders and adversaries, an emerging battleground is crystal clear: the gaming community. A new tool, originally designed for legitimate red-team operations, is now being weaponized against gamers—with alarming implications for credential theft, payment fraud and identity compromise. From open-source toolbox to weaponized infostealer First released publicly in 2024, the toolkit known as RedTiger  was marketed as a versatile,

Researchers at Forescout’s Vedere Labs say they’ve pulled open a fresh set of dangerous doors in TP-Link’s Omada and Festa VPN appliances — two newly cataloged vulnerabilities that let an attacker execute shell commands as root and resurrect a patched debug backdoor. The duo of flaws, tracked as CVE-2025-7850  and CVE-2025-7851 , expose an uncomfortable truth: incremental patches that don’t remove legacy developer features can create new, high-severity attack paths. The most

On October 20 2025, the security research team at JFrog Security Research published a disclosure of multiple vulnerabilities in the open-source package oatpp‑mcp—an implementation of the Model Context Protocol (MCP) standard produced by Anthropic. The most critical of these is logged as CVE‑2025‑6515, and JFrog’s researchers have coined the attack technique enabled by this flaw “Prompt Hijacking.” What’s the Protocol Here—and Why It’s Vulnerable MCP is designed to let large-

In what security researchers are describing as a watershed moment for developer supply-chain attacks, a new malware campaign dubbed GlassWorm  has begun spreading through extensions for Visual Studio Code (VS Code) and its open-source alternative, OpenVSX. The worm-like code has been installed on an estimated 35,800 developer machines so far. What happened: A stealthy worm enters the IDE According to analysts at Koi Security, the campaign first surfaced on October 17, 2025 wh

Security researchers at Varonis have uncovered a subtle yet powerful flaw in Microsoft Azure’s application registration system that allowed malicious actors to create fake apps with names like “Azure Portal,” bypassing long-standing safeguards meant to prevent impersonation of official Microsoft tools. The loophole—since patched by Microsoft—stemmed from the use of hidden Unicode characters to disguise application names. By inserting invisible “Combining Grapheme Joiner” cha