Critical Nginx UI auth bypass flaw now actively exploited in the wild

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...
CSO Online

Critical nginx UI tool vulnerability opens web servers to full compromise

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...
InfoWorld

Curity looks to reinvent IAM with runtime authorization for AI agents

Traditional authentication is incapable of securing AI agents, the company says, as it announces Access Intelligence.
CNET

The Feds Took Down a 'Full-Service Cybercrime Platform' Behind $20M in Phishing

The W3LL phishing kit helped criminals steal tens of thousands of account credentials, primarily targeting Microsoft 365 ...
CSO Online

Seven IBM WebSphere Liberty flaws can be chained into full takeover

A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.
Security Boulevard

I Gave 4 AI Agents a Corporate Bank Account. Here’s How I Stopped Them From Draining It.

A technical build log of the Multi-Agent Control Room, where AI agents pay invoices, escalate denials, and every action is ...
manilastandard

SSS launches facial authentication feature to verify pensioners

The Social Security System (SSS) on Wednesday launched a facial authentication feature to allow pensioners to complete the Annual Confirmation of Pensioners (ACOP) requirement without visiting SSS ...
IEEE

Development of A Secure API Authentication Mechanism with JWT and Data Encryption

Abstract: Currently, the use of Application Programming Interfaces (APIs) has become essential and widely adopted in both web and mobile applications to support data integration and service ...
The Hacker News

Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens

Cybersecurity researchers have disclosed details of a new malicious package discovered on the NuGet Gallery, impersonating a library from financial services firm Stripe in an attempt to target the ...
Science News

Intricate silk helps net-casting spiders ensnare prey in webs

For spiders that fling their webs at prey, a sturdy net is essential. A net-casting spider in search of a meal dangles upside down, holding a web in its legs before launching it at an unsuspecting ...