%term

Malicious MCP Server on npm postmark-mcp Harvests Emails

Sep 25, 2025 By Liran Tal In Snyk

On September 25, 2025, the npm package postmark-mcp, an MCP (Model Context Protocol) server intended to let AI assistants send emails via Postmark, was reportedly modified to secretly exfiltrate email contents by adding a blind-copy (BCC) to an external domain. Current analysis suggests the behavior began around 1.0.16 and persisted in later versions.

Read Post

Snyk

Read more about Malicious MCP Server on npm postmark-mcp Harvests Emails

Breaking into Cybersecurity with Motti Tal: From Code to Cyber Strategies

Sep 25, 2025 By Memcyco In Memcyco

In this episode of Breaking Into Cybersecurity's latest episode, featuring Motti Tal, CSO at Memcyco. Motti shares his journey from studying computer science at Tel Aviv University to programming for the Israeli Navy and eventually moving into software and cybersecurity. He discusses the evolution of his career, how AI influences critical thinking, and the importance of innovative thinking in cybersecurity.

View Video

Memcyco

Read more about Breaking into Cybersecurity with Motti Tal: From Code to Cyber Strategies

Scammers are fooling you!

Sep 24, 2025 By KnowBe4 | Human Risk Management In KnowBe4

Scammers are slick using your own info to trick you. Stay sharp: Strong passwords + two-factor authentication Spot weird links/senders Go straight to the real site.

View Video

KnowBe4

Read more about Scammers are fooling you!

FraudGPT and the Future of Cyber crime: Proactive Strategies for Protection

Sep 18, 2025 By Lookout In Lookout

Generative artificial intelligence (GenAI) has firmly embedded itself in the workplace. As of 2024, more than two-thirds of organizations in every global region have adopted GenAI. And, as always, cyber criminals are eager to capitalize on a new and potentially powerful piece of technology. Over the past few years, a GenAI tool called FraudGPT has made phishing, hacking, and identity theft as simple as entering an AI prompt. FraudGPT and similar tools are essentially democratizing cyber crime.

Read Post

Lookout

Read more about FraudGPT and the Future of Cyber crime: Proactive Strategies for Protection

Military ID Deepfakes: How North Korean Hackers Target the South with AI

Sep 17, 2025 By Foresiet In Foresiet

North Korean threat actor Kimsuky has escalated its social engineering tactics by leveraging military ID deepfakes to deceive South Korean targets. According to a recent analysis by South Korean cybersecurity firm Genians, the group is now using AI-generated images to impersonate military personnel, making phishing campaigns more convincing and harder to detect.

Read Post

Foresiet

Read more about Military ID Deepfakes: How North Korean Hackers Target the South with AI

The MemcycoFM Show: Ep 15 - How CISOs Apply Zero Trust Thinking to Credential Harvesting Prevention

Sep 17, 2025 By Memcyco In Memcyco

A customer opens their bank’s login page. At least, that’s what they think. The design is flawless, the fields are familiar. But it’s a cloned site built to harvest credentials. Within seconds, their details are replayed against the genuine portal. To the bank’s defenses, it looks like business as usual — same username, same password, same MFA prompt.

View Video

Memcyco

Read more about The MemcycoFM Show: Ep 15 - How CISOs Apply Zero Trust Thinking to Credential Harvesting Prevention

Best Practices for Students to Avoid Plagiarism and Online Scams

Sep 17, 2025 By SecuritySenses In SecuritySenses

Students may find a lot of information with just one click in our digital era. This gives them a lot of chances to learn and study, but it also makes them more likely to fall for internet scams and copying. Both of these problems might have major effects, including failing school or even being threatened with harm. Students can avoid online fraud and copying by following these rules. As a consequence, their time at school will be safer and more moral.

Read Post

SecuritySenses

Read more about Best Practices for Students to Avoid Plagiarism and Online Scams

Spotting Scams and Phishing in Under 60 Seconds: A Simple Checklist Anyone Can Use

Sep 16, 2025 By Mohammed Hoque In Sedara

Scams are getting slick, but your best defense is still fast, calm thinking. In one minute, you can scan any email, text, or DM and decide if it’s safe. Use the checklist below, then save the quick steps for what to do if you already clicked.

Read Post

Sedara

Read more about Spotting Scams and Phishing in Under 60 Seconds: A Simple Checklist Anyone Can Use

Corporate Investigations: Protecting Your Business from Fraud and Theft

Sep 16, 2025 By SecuritySenses In SecuritySenses

Fraud and theft are among the most damaging problems facing businesses today. From small local companies to global corporations, the risk of losing money, stock, or sensitive information is a constant threat. What makes matters worse is that fraud often happens quietly, over long periods, and sometimes at the hands of trusted insiders. The financial losses can be devastating, but the damage to reputation and trust can be just as severe.

Read Post

SecuritySenses

Read more about Corporate Investigations: Protecting Your Business from Fraud and Theft

Tales from the fraud frontlines: The growing threat of DDoS attacks - and how to prevent them

Sep 12, 2025 By Joe Kitos In INETCO

Picture this: It’s a busy weekday afternoon and your online payment platform is humming with activity. Suddenly, everything slows down. Customers complain that transactions are failing, your website goes offline, and your team scrambles to figure out what’s happening. The culprit? A Distributed Denial of Service (DDoS) attack.

Read Post