

Enterprise Security Tech
A cybersecurity resource for CxOs


Hidden backdoors, sloppy fixes: new TP-Link flaws let researchers — and attackers — root routers
Researchers at Forescout’s Vedere Labs say they’ve pulled open a fresh set of dangerous doors in TP-Link’s Omada and Festa VPN appliances — two newly cataloged vulnerabilities that let an attacker execute shell commands as root and resurrect a patched debug backdoor. The duo of flaws, tracked as CVE-2025-7850 and CVE-2025-7851, expose an uncomfortable truth: incremental patches that don’t remove legacy developer features can create new, high-severity attack paths. The most
Oct 24, 2025


New Attack Vector Hits AI Tooling: ‘Prompt Hijacking’ Exploits MCP Session IDs
On October 20 2025, the security research team at JFrog Security Research published a disclosure of multiple vulnerabilities in the open-source package oatpp‑mcp—an implementation of the Model Context Protocol (MCP) standard produced by Anthropic. The most critical of these is logged as CVE‑2025‑6515, and JFrog’s researchers have coined the attack technique enabled by this flaw “Prompt Hijacking.” What’s the Protocol Here—and Why It’s Vulnerable MCP is designed to let large-
Oct 22, 2025


Glitch in the Dev Stack: How GlassWorm Hijacked VS Code Extensions and Threatens the Entire Build Pipeline
In what security researchers are describing as a watershed moment for developer supply-chain attacks, a new malware campaign dubbed GlassWorm has begun spreading through extensions for Visual Studio Code (VS Code) and its open-source alternative, OpenVSX. The worm-like code has been installed on an estimated 35,800 developer machines so far. What happened: A stealthy worm enters the IDE According to analysts at Koi Security, the campaign first surfaced on October 17, 2025 wh
Oct 21, 2025


Varonis Exposes Azure App Loophole That Let Attackers Masquerade as Microsoft Services
Security researchers at Varonis have uncovered a subtle yet powerful flaw in Microsoft Azure’s application registration system that allowed malicious actors to create fake apps with names like “Azure Portal,” bypassing long-standing safeguards meant to prevent impersonation of official Microsoft tools. The loophole—since patched by Microsoft—stemmed from the use of hidden Unicode characters to disguise application names. By inserting invisible “Combining Grapheme Joiner” cha
Oct 21, 2025


A Perfect Storm for Enterprise Risk: Cyber-Attacks, AI Blind Spots and Trade Friction Converge
In an era when geopolitics, regulation and innovation are colliding at high velocity, enterprises are sounding the alarm on a new breed of risk—one in which trade policy, state-sponsored cyber threats and under-governed artificial intelligence are converging to create a complex danger zone. According to the Riskonnect 2025 New Generation of Risk Report, a global survey of over 200 risk, compliance and resilience professionals reveals that traditional risk playbooks may be f
Oct 21, 2025


Cl0p’s Oracle Exploit Snags Envoy Air: Another Lesson in the Cost of Patch Delay
A cyber-extortion campaign exploiting zero-day vulnerabilities in Oracle’s E-Business Suite (EBS) has now ensnared Envoy Air, the Texas-based regional carrier owned by American Airlines. The airline’s name appeared on the Cl0p ransomware gang’s leak site late last week, alongside other high-profile victims including Harvard University and the University of the Witwatersrand in South Africa. The attackers claim to have stolen more than 26 GB of data, though investigators
Oct 20, 2025