Security Boulevard

Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener

IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who have found exploitable instances in many commercial services and open-source ...

One tool call to rule them all? New open source Python tool RunPod Flash eliminates containers for faster AI dev

With Flash GA, the company is attempting to transition from being a provider of raw compute to becoming the essential ...

Crime crew impersonates help desk, abuses Microsoft Teams to steal your data

A previously unknown threat group using tried-and-tested social engineering tactics - Microsoft Teams chat invitations and ...
TechJuice

Hackers Deploy SNOW Malware Suite via Microsoft Teams

A cyber group is impersonating IT helpdesk staff via Microsoft Teams to deploy malware and target corporate systems.
Infosecurity Magazine

Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices ...
How-To Geek on MSN

This one tool is all you need to effortlessly manage and back up your dot files

It automatically backs up all your configuration files and lets you rebuild them on new machines with one click!
Security Boulevard

How Escape AI Pentesting Exploited SSRF in LiteLLM

The post How Escape AI Pentesting Exploited SSRF in LiteLLM appeared first on Escape – Application Security & Offensive ...
The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...