MCP shipped without authentication. Clawdbot shows why that's a problem.

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
The Hacker News

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

Experts reveal Evelyn Stealer malware abusing VS Code extensions to steal developer credentials, browser data, and ...

Hackers exploit critical telnetd auth bypass flaw to get root

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present ...
Cybernews

KongTuke’s CrashFix campaign uses fake Chrome adblocker to deploy ModeloRAT

A worker searching for an adblocker ended up installing malware instead after threat actor KongTuke pushed a fake Chrome ...
Make Tech Easier

How to Make Persistent Changes to Docker Images Instantly

Learn how docker commit captures changes in a running container, make it persistent and create new images without altering ...
Security Boulevard

Clawdbot-Style Agentic Assistants: What Your SOC Should Monitor, Triage, and Contain

What SOC teams need to monitor, triage, and contain when clawdbot-like agentic AI assistants. Includes detection signals, triage questions, and a containment playbook. The post Clawdbot-Style Agentic ...
Hackaday

BASIC On A Calculator Again

We are always amused that we can run emulations or virtual copies of yesterday’s computers on our modern computers. In fact, there is so much power at your command now that you can run, say, ...