CSO Online

Critical nginx UI tool vulnerability opens web servers to full compromise

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...

Quantum CatDV Showcases Automated Live Sports Production with North Shore Automation’s Stats Injector

Quantum Corporation (Nasdaq: QMCO) today announced that North Shore Automation’s Stats Injector is now fully compatible with Quantum CatDV, the media asset management and workflow orchestration ...

Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft

Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...

Iowa bill ends minors’ ability to consent to HPV vaccine alone

Iowa GOP lawmakers sent Gov. Kim Reynolds a bill that eliminates a minor child's ability to consent to the HPV vaccine ...
SecurityWeek

Cursor AI Vulnerability Exposed Developer Devices

NomShub, a vulnerability chain in Cursor AI, allowed attackers to achieve persistent access to systems via indirect prompt ...
Microsoft

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...
Microsoft

Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook

Threat actors are abusing external Microsoft Teams collaboration to impersonate IT helpdesk staff and convince users to grant ...