CSO Online

OAuth vulnerability in n8n automation platform could lead to system compromise

A weakness in the configuration of OAuth credentials opens up a stored XSS vulnerability in the n8n automation platform, ...
InfoWorld

MCP C# SDK 1.0 arrives with improved authorization server discovery

Milestone release of Microsoft’s C# SDK for the Model Context Protocol brings full support for the 2025-11-25 version of the MCP Specification.

Feds take notice of iOS vulnerabilities exploited under mysterious circumstances

The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch three critical iOS vulnerabilities that were exploited over a 10-month span in hacking campaigns conducted by ...
The Hacker News

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor

Iran-linked MuddyWater hackers breached U.S. networks with new Dindoor malware as regional cyber attacks escalate amid Middle East conflict.
Security Boulevard

Middle East Conflict Fuels Opportunistic Cyber Attacks

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...
Hackaday

This Week In Security: Getting Back Up To Speed

Over the course of nearly 300 posts, Jonathan Bennett set a very high bar for this column, so we knew it needed to be placed in the hands of somebody who could do it justice.
PCMag Australia

$20K in Stolen Games, a $5M Crypto Blunder, and a Very Bad Week for Internet Security

This week in cybersecurity: stolen PlayStation accounts, AI chat transcripts sold by data brokers, tax-season scams, deepfake ...