Threat Research: Hundreds of MCP Servers Vulnerable to Abuse

Backslash's research reveals that many Model Context Protocol (MCP) servers are vulnerable due to misconfigurations, exposing them to security risks such as unauthorized access, command execution, and data exfiltration. Key issues identified include network exposure allowing access from any device on the local network, and excessive permissions permitting arbitrary commands on host machines. Combined, these weaknesses can give an attacker total control of the host. Users are advised to consult the Backslash MCP Security Hub for server safety, while developers should implement best practices for securing MCPs against these risks.

https://www.backslash.security/blog/hundreds-of-mcp-servers-vulnerable-to-abuse

Cybercriminal Abuse of Large Language Models

Cybercriminals exploit large language models (LLMs) for illicit activities, using uncensored models or creating their own to bypass safety features. They employ these models for tasks like generating phishing emails, scanning vulnerabilities, and writing malware. Techniques like jailbreaking and obfuscation allow them to manipulate legitimate LLMs for harmful purposes. Cybercriminals also face risks of scams when accessing fraudulent LLM services. As LLM technology evolves, it serves as a tool for enhancing traditional cyber threats.

https://blog.talosintelligence.com/cybercriminal-abuse-of-large-language-models/

AI Is a Data-breach Time Bomb, Reveals New Report

A new report warns that AI presents significant data-breach risks, with 99% of organizations exposing sensitive information to potential AI misuse. Inadequate security measures, such as unverified apps and poor MFA practices, increase vulnerability. Recommendations include reducing risk exposure, continuous monitoring, and leveraging AI for security enhancements. No organization is fully prepared for these threats.

https://www.bleepingcomputer.com/news/security/ai-is-a-data-breach-time-bomb-reveals-new-report/

How Global Threat Actors Are Weaponizing AI Now, According to OpenAI

OpenAI's recent report highlights misuse of generative AI tools, primarily from actors in China, involved in producing misinformation and engaging in cyber activities. Specific examples include creating social media posts to influence political discourse and unauthorized cyber intrusions. The report emphasizes the ongoing arms race between developers and malicious users, amidst concerns about regulatory gaps in the US.

https://www.zdnet.com/article/how-global-threat-actors-are-weaponizing-ai-now-according-to-openai/

Defending Against Evolving Identity Attack Techniques

Microsoft's blog discusses evolving identity attack methods by threat actors, emphasizing the rise in sophisticated phishing techniques targeting cloud identities despite advances like MFA and passwordless solutions. The article highlights various modern phishing methods, including adversary-in-the-middle attacks, device code phishing, OAuth consent phishing, and phishing via enterprise communication platforms, particularly Microsoft Teams. It stresses the importance of user education and advanced security measures (e.g., conditional access policies and Zero Trust) to protect against these threats. Recommendations for organizations include implementing phishing-resistant MFA, user training, and leveraging Microsoft Entra for enhanced security.

https://www.microsoft.com/en-us/security/blog/2025/05/29/defending-against-evolving-identity-attack-techniques/

Lumma Stealer: Breaking Down the Delivery Techniques and Capabilities of a Prolific Infostealer

Lumma Stealer is a sophisticated infostealer malware targeting various industries, utilizing diverse delivery methods including phishing, malvertising, and the abuse of legitimate services. Operated as Malware-as-a-Service (MaaS) by threat actor Storm-2477, it facilitates credential theft from browsers and applications, particularly cryptocurrency wallets. Unlike previous variants, it employs multi-vector strategies and adaptive infrastructure to evade detection. Microsoft is actively working to disrupt Lumma's operations, having recently taken down around 2,300 associated domains and providing recommendations for mitigation against this evolving cyber threat.

https://www.microsoft.com/en-us/security/blog/2025/05/21/lumma-stealer-breaking-down-the-delivery-techniques-and-capabilities-of-a-prolific-infostealer/

Can You Really Trust That Permission Pop-Up On macOS? (CVE-2025-31250)

The macOS vulnerability CVE-2025-31250 allows apps to spoof permission prompts, misleading users into granting access to the wrong application. It is patched in macOS Sequoia 15.5, but earlier versions such as Ventura and Sonoma remain unaddressed. The flaw arises from incorrect handling in the TCC framework's request logic, which permits a consent response to be attributed to one app while the prompt displayed was for another. Although exploiting it requires user interaction, it poses significant risk, particularly for high-value permissions such as Microphone and Camera. Apple responded slowly to the issue, but recent updates appear to address the vulnerability, enhancing overall security.

https://wts.dev/posts/tcc-who/

Scientists Use AI to Encrypt Secret Messages That Are Invisible to Cybersecurity Systems

Scientists have developed a method using AI to encrypt messages within fake text, rendering them invisible to cybersecurity systems. This technique allows secure communication, particularly for journalists and citizens in oppressive regimes, by embedding secret messages that can only be accessed with a password. Dubbed EmbedderLLM, the method acts like digital invisible ink, but the ethics of its use remain a concern. The encryption is designed to resist future quantum computing decryption threats.

https://www.livescience.com/technology/artificial-intelligence/scientists-use-ai-to-encrypt-secret-messages-that-are-invisible-to-cybersecurity-systems

Google Chrome to Block Admin-level Browser Launches for Better Security

Google Chrome will prevent admin-level launches to enhance security, similar to a feature Microsoft implemented in Edge. This change ensures that the browser doesn't run with elevated permissions, reducing risks like unauthorized access through malicious downloads. A command-line switch will be added to manage this behavior in automation mode.

https://www.bleepingcomputer.com/news/google/google-chrome-to-block-admin-level-browser-launches-for-better-security/

What Are BYOVD Attacks?

BYOVD (Bring Your Own Vulnerable Driver) attacks exploit vulnerabilities in legitimate drivers to bypass security measures, allowing attackers to manipulate kernel-level resources directly. These attacks can disable security systems and enable encryption or data theft, notably used by the Cuba ransomware group, which has caused significant financial damage. Effective mitigation strategies include updating old operating systems, auditing kernel drivers, implementing strict permissions for driver loading, and using behavioral monitoring tools. Regular simulations of such attacks can help organizations validate their defenses.

https://cymulate.com/blog/defending-against-bring-your-own-vulnerable-driver-byovd-attacks/

Phishing Attack Uses Blob URIs to Show Fake Login Pages in Your Browser

Cofense Intelligence reports a phishing technique using blob URIs to create fake login pages in browsers, evading email security and stealing credentials. Blob URIs, which store data temporarily on local machines, make it difficult for security systems to detect malicious activity since external checks cannot see them. Attackers often redirect users from trustworthy sites to fake pages, posing a serious challenge for email security systems.

https://hackread.com/phishing-attack-blob-uri-fake-login-pages-browser/

How Signal, WhatsApp, Apple, and Google Handle Encrypted Chat Backups

Comparing encrypted chat apps: Signal has no cloud backup, prioritizing privacy; WhatsApp allows backups with optional end-to-end encryption; Apple's iMessage is encrypted, but its backups are not end-to-end encrypted by default unless users enable Advanced Data Protection; Google Messages provides encrypted backups protected by a passcode. Users must ensure all chat participants enable encryption for maximal security, and weigh the necessity of saving conversations against potential privacy risks.

https://www.eff.org/deeplinks/2025/05/back-it-back-it-let-us-begin-explain-encrypted-chat-backups

Catching a Phish With Many Faces

Phishing attacks are evolving, utilizing phishing-as-a-service toolkits to create dynamic, customizable fake login pages in real time. These pages appear legitimate by using logos and branding from legitimate sources, making detection difficult. Attackers leverage urgency-inducing messages to entice victims to click links, often sending the captured login credentials directly via AJAX. To protect against these threats, users should verify link authenticity, use strong passwords, enable two-factor authentication, and employ robust security measures. Cybercriminals continue to adapt their tactics, making awareness and technological defenses crucial.

https://www.welivesecurity.com/en/scams/spotting-phish-many-faces/

Multilayered Email Attack: How a PDF Invoice and Geo-Fencing Led to RAT Malware

An email campaign distributing Ratty RAT malware uses legitimate-looking invoices and geofencing to bypass security. Attackers use a trusted email service and file-sharing platforms, manipulate recipients through social engineering, and employ Ngrok for covert links. Targeting mainly Italy, the campaign exemplifies advanced evasion strategies and challenges conventional detection systems. Fortinet provides protections and urges users to stay vigilant against such phishing threats.

https://www.fortinet.com/blog/threat-research/multilayered-email-attack-how-a-pdf-invoice-and-geofencing-led-to-rat-malware

LockBit Ransomware Gang Hacked, Victim Negotiations Exposed

The LockBit ransomware gang has been hacked: its admin panels were defaced, and a database was exposed containing over 59,000 bitcoin addresses and 4,442 victim negotiation messages, along with plaintext passwords for 75 affiliates. The breach occurred on April 29, 2025, and the perpetrators are uncertain. This incident follows previous law enforcement disruptions, further damaging LockBit's reputation.

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-gang-hacked-victim-negotiations-exposed/