A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to think about the need to abandon on-premises email solutions. “Because it’s ...

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Check out the open-source matrix for browser-based attack techniques. AiTM phishing, ClickFix, device code phishing, ConsentFix, malicious browser extensions — Push Security's Browser & Identity ...

Microsoft Copilot Growth, ClaudeBleed Risk, LinkedIn GDPR Complaint | Ep. 84 In today’s 2 Minute Tech Briefing, Microsoft Copilot tops 20 million enterprise users, researchers expose ClaudeBleed risks ...

The CERT Division is a leader in cybersecurity. We partner with government, industry, law enforcement, and academia to improve the security and resilience of computer systems and networks. We study ...

This repository is a collection of reference implementations for the Model Context Protocol (MCP), as well as references to community-built servers and additional resources. Important If you are ...

Copilot in Word introduces a Legal Agent designed for contract review, redlining, and negotiation using structured legal workflows. Legal teams gain negotiation ready edits, clear citations, and full ...

StarUML is a sophisticated modeler for agile and concise modeling. StarUML MCP Server enables you to create diagrams or generate codes from diagrams in StarUML via prompts.